Search criteria
6 vulnerabilities found for endpoint_sensor by trendmicro
CVE-2019-14688 (GCVE-0-2019-14688)
Vulnerability from cvelistv5 – Published: 2020-02-20 22:50 – Updated: 2024-08-05 00:26
VLAI
Summary
Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. The vulnerability was found to ONLY be exploitable during an initial product installation by an authorized user. The attacker must convince the target to download malicious DLL locally which must be present when the installer is run.
Severity
No CVSS data available.
CWE
- DLL Hijack
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://success.trendmicro.com/solution/1123562 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro | Trend Micro IM Security (IMS), Trend Micro Control Manager (TMCM), Trend Micro OfficeScan (OSCE), Trend Micro Endpoint Sensor (TMES), Trend Micro Security (Consumer), Trend Micro ScanMail for Microsoft Exchange (SMEX), Trend Micro ServerProtect (SP), Trend Micro Mobile Security Enterprise (TMMS Enterprise) |
Affected:
IMS 1.6.5, TMCM 7.0, OSCE XG, TMES 1.6, Trend Micro Security 2019, SMEX 14.0, SPNT 5.8/6.0, TMMS Enterprise 9.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:26:37.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/1123562"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro IM Security (IMS), Trend Micro Control Manager (TMCM), Trend Micro OfficeScan (OSCE), Trend Micro Endpoint Sensor (TMES), Trend Micro Security (Consumer), Trend Micro ScanMail for Microsoft Exchange (SMEX), Trend Micro ServerProtect (SP), Trend Micro Mobile Security Enterprise (TMMS Enterprise)",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "IMS 1.6.5, TMCM 7.0, OSCE XG, TMES 1.6, Trend Micro Security 2019, SMEX 14.0, SPNT 5.8/6.0, TMMS Enterprise 9.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. The vulnerability was found to ONLY be exploitable during an initial product installation by an authorized user. The attacker must convince the target to download malicious DLL locally which must be present when the installer is run."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DLL Hijack",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-20T22:50:22.000Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/solution/1123562"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2019-14688",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro IM Security (IMS), Trend Micro Control Manager (TMCM), Trend Micro OfficeScan (OSCE), Trend Micro Endpoint Sensor (TMES), Trend Micro Security (Consumer), Trend Micro ScanMail for Microsoft Exchange (SMEX), Trend Micro ServerProtect (SP), Trend Micro Mobile Security Enterprise (TMMS Enterprise)",
"version": {
"version_data": [
{
"version_value": "IMS 1.6.5, TMCM 7.0, OSCE XG, TMES 1.6, Trend Micro Security 2019, SMEX 14.0, SPNT 5.8/6.0, TMMS Enterprise 9.8"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. The vulnerability was found to ONLY be exploitable during an initial product installation by an authorized user. The attacker must convince the target to download malicious DLL locally which must be present when the installer is run."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DLL Hijack"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://success.trendmicro.com/solution/1123562",
"refsource": "MISC",
"url": "https://success.trendmicro.com/solution/1123562"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2019-14688",
"datePublished": "2020-02-20T22:50:22.000Z",
"dateReserved": "2019-08-05T00:00:00.000Z",
"dateUpdated": "2024-08-05T00:26:37.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-6218 (GCVE-0-2018-6218)
Vulnerability from cvelistv5 – Published: 2018-02-16 22:00 – Updated: 2024-08-05 05:54
VLAI
Summary
A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system.
Severity
No CVSS data available.
CWE
- DLL Hijacking
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/103096 | vdb-entryx_refsource_BID |
| https://jvn.jp/jp/JVN28865183/ | third-party-advisoryx_refsource_JVN |
| https://success.trendmicro.com/solution/1119326 | x_refsource_CONFIRM |
| https://success.trendmicro.com/jp/solution/1119348 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro | Trend Micro User-Mode Hooking (UMH) Module |
Affected:
NA
|
Date Public
2018-02-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:54:53.355Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "103096",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103096"
},
{
"name": "JVN#28865183",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/jp/JVN28865183/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/1119326"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/jp/solution/1119348"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro User-Mode Hooking (UMH) Module",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "NA"
}
]
}
],
"datePublic": "2018-02-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A DLL Hijacking vulnerability in Trend Micro\u0027s User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DLL Hijacking",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-22T10:57:01.000Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"name": "103096",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103096"
},
{
"name": "JVN#28865183",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/jp/JVN28865183/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://success.trendmicro.com/solution/1119326"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/jp/solution/1119348"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2018-6218",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro User-Mode Hooking (UMH) Module",
"version": {
"version_data": [
{
"version_value": "NA"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A DLL Hijacking vulnerability in Trend Micro\u0027s User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DLL Hijacking"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103096",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103096"
},
{
"name": "JVN#28865183",
"refsource": "JVN",
"url": "https://jvn.jp/jp/JVN28865183/"
},
{
"name": "https://success.trendmicro.com/solution/1119326",
"refsource": "CONFIRM",
"url": "https://success.trendmicro.com/solution/1119326"
},
{
"name": "https://success.trendmicro.com/jp/solution/1119348",
"refsource": "MISC",
"url": "https://success.trendmicro.com/jp/solution/1119348"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2018-6218",
"datePublished": "2018-02-16T22:00:00.000Z",
"dateReserved": "2018-01-25T00:00:00.000Z",
"dateUpdated": "2024-08-05T05:54:53.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-6798 (GCVE-0-2017-6798)
Vulnerability from cvelistv5 – Published: 2017-03-10 10:29 – Updated: 2024-08-05 15:41
VLAI
Summary
Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking vulnerability that allows remote attackers to execute arbitrary code, aka Trend Micro Vulnerability Identifier 2015-0208.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/96857 | vdb-entryx_refsource_BID |
| https://success.trendmicro.com/solution/1116827 | x_refsource_CONFIRM |
Date Public
2017-03-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:41:17.481Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96857",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96857"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/1116827"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-03-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking vulnerability that allows remote attackers to execute arbitrary code, aka Trend Micro Vulnerability Identifier 2015-0208."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-15T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "96857",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96857"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://success.trendmicro.com/solution/1116827"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6798",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking vulnerability that allows remote attackers to execute arbitrary code, aka Trend Micro Vulnerability Identifier 2015-0208."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96857",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96857"
},
{
"name": "https://success.trendmicro.com/solution/1116827",
"refsource": "CONFIRM",
"url": "https://success.trendmicro.com/solution/1116827"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-6798",
"datePublished": "2017-03-10T10:29:00.000Z",
"dateReserved": "2017-03-10T00:00:00.000Z",
"dateUpdated": "2024-08-05T15:41:17.481Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-14688 (GCVE-0-2019-14688)
Vulnerability from nvd – Published: 2020-02-20 22:50 – Updated: 2024-08-05 00:26
VLAI
Summary
Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. The vulnerability was found to ONLY be exploitable during an initial product installation by an authorized user. The attacker must convince the target to download malicious DLL locally which must be present when the installer is run.
Severity
No CVSS data available.
CWE
- DLL Hijack
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://success.trendmicro.com/solution/1123562 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro | Trend Micro IM Security (IMS), Trend Micro Control Manager (TMCM), Trend Micro OfficeScan (OSCE), Trend Micro Endpoint Sensor (TMES), Trend Micro Security (Consumer), Trend Micro ScanMail for Microsoft Exchange (SMEX), Trend Micro ServerProtect (SP), Trend Micro Mobile Security Enterprise (TMMS Enterprise) |
Affected:
IMS 1.6.5, TMCM 7.0, OSCE XG, TMES 1.6, Trend Micro Security 2019, SMEX 14.0, SPNT 5.8/6.0, TMMS Enterprise 9.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:26:37.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/1123562"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro IM Security (IMS), Trend Micro Control Manager (TMCM), Trend Micro OfficeScan (OSCE), Trend Micro Endpoint Sensor (TMES), Trend Micro Security (Consumer), Trend Micro ScanMail for Microsoft Exchange (SMEX), Trend Micro ServerProtect (SP), Trend Micro Mobile Security Enterprise (TMMS Enterprise)",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "IMS 1.6.5, TMCM 7.0, OSCE XG, TMES 1.6, Trend Micro Security 2019, SMEX 14.0, SPNT 5.8/6.0, TMMS Enterprise 9.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. The vulnerability was found to ONLY be exploitable during an initial product installation by an authorized user. The attacker must convince the target to download malicious DLL locally which must be present when the installer is run."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DLL Hijack",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-20T22:50:22.000Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/solution/1123562"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2019-14688",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro IM Security (IMS), Trend Micro Control Manager (TMCM), Trend Micro OfficeScan (OSCE), Trend Micro Endpoint Sensor (TMES), Trend Micro Security (Consumer), Trend Micro ScanMail for Microsoft Exchange (SMEX), Trend Micro ServerProtect (SP), Trend Micro Mobile Security Enterprise (TMMS Enterprise)",
"version": {
"version_data": [
{
"version_value": "IMS 1.6.5, TMCM 7.0, OSCE XG, TMES 1.6, Trend Micro Security 2019, SMEX 14.0, SPNT 5.8/6.0, TMMS Enterprise 9.8"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. The vulnerability was found to ONLY be exploitable during an initial product installation by an authorized user. The attacker must convince the target to download malicious DLL locally which must be present when the installer is run."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DLL Hijack"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://success.trendmicro.com/solution/1123562",
"refsource": "MISC",
"url": "https://success.trendmicro.com/solution/1123562"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2019-14688",
"datePublished": "2020-02-20T22:50:22.000Z",
"dateReserved": "2019-08-05T00:00:00.000Z",
"dateUpdated": "2024-08-05T00:26:37.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-6218 (GCVE-0-2018-6218)
Vulnerability from nvd – Published: 2018-02-16 22:00 – Updated: 2024-08-05 05:54
VLAI
Summary
A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system.
Severity
No CVSS data available.
CWE
- DLL Hijacking
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/103096 | vdb-entryx_refsource_BID |
| https://jvn.jp/jp/JVN28865183/ | third-party-advisoryx_refsource_JVN |
| https://success.trendmicro.com/solution/1119326 | x_refsource_CONFIRM |
| https://success.trendmicro.com/jp/solution/1119348 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro | Trend Micro User-Mode Hooking (UMH) Module |
Affected:
NA
|
Date Public
2018-02-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:54:53.355Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "103096",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103096"
},
{
"name": "JVN#28865183",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/jp/JVN28865183/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/1119326"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/jp/solution/1119348"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro User-Mode Hooking (UMH) Module",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "NA"
}
]
}
],
"datePublic": "2018-02-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A DLL Hijacking vulnerability in Trend Micro\u0027s User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DLL Hijacking",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-22T10:57:01.000Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"name": "103096",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103096"
},
{
"name": "JVN#28865183",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/jp/JVN28865183/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://success.trendmicro.com/solution/1119326"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/jp/solution/1119348"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2018-6218",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro User-Mode Hooking (UMH) Module",
"version": {
"version_data": [
{
"version_value": "NA"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A DLL Hijacking vulnerability in Trend Micro\u0027s User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DLL Hijacking"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103096",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103096"
},
{
"name": "JVN#28865183",
"refsource": "JVN",
"url": "https://jvn.jp/jp/JVN28865183/"
},
{
"name": "https://success.trendmicro.com/solution/1119326",
"refsource": "CONFIRM",
"url": "https://success.trendmicro.com/solution/1119326"
},
{
"name": "https://success.trendmicro.com/jp/solution/1119348",
"refsource": "MISC",
"url": "https://success.trendmicro.com/jp/solution/1119348"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2018-6218",
"datePublished": "2018-02-16T22:00:00.000Z",
"dateReserved": "2018-01-25T00:00:00.000Z",
"dateUpdated": "2024-08-05T05:54:53.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-6798 (GCVE-0-2017-6798)
Vulnerability from nvd – Published: 2017-03-10 10:29 – Updated: 2024-08-05 15:41
VLAI
Summary
Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking vulnerability that allows remote attackers to execute arbitrary code, aka Trend Micro Vulnerability Identifier 2015-0208.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/96857 | vdb-entryx_refsource_BID |
| https://success.trendmicro.com/solution/1116827 | x_refsource_CONFIRM |
Date Public
2017-03-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:41:17.481Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96857",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96857"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/1116827"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-03-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking vulnerability that allows remote attackers to execute arbitrary code, aka Trend Micro Vulnerability Identifier 2015-0208."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-15T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "96857",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96857"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://success.trendmicro.com/solution/1116827"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6798",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking vulnerability that allows remote attackers to execute arbitrary code, aka Trend Micro Vulnerability Identifier 2015-0208."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96857",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96857"
},
{
"name": "https://success.trendmicro.com/solution/1116827",
"refsource": "CONFIRM",
"url": "https://success.trendmicro.com/solution/1116827"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-6798",
"datePublished": "2017-03-10T10:29:00.000Z",
"dateReserved": "2017-03-10T00:00:00.000Z",
"dateUpdated": "2024-08-05T15:41:17.481Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}