certfr_avis - certa-2006-avi-533

CERTA-2006-AVI-533

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités ont été découvertes dans le produit Trend Micro OfficeScan.

Description

Deux vulnérabilités ont été découvertes dans le produit Trend Micro OfficeScan. Ces vulnérabilités résultent d'une mauvaise gestion de la mémoire par les modules Wizard.exe et CgiRemoteInstall.exe. Ces erreurs peuvent être exploitées par un utilisateur malintentionné afin d'exécuter du code arbitraire à distance.

L'attaquant doit cependant être authentifié afin d'exploiter cette vulnérabilité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Trend Micro	N/A	Trend Micro OfficeScan version 6.5 et versions antérieures ;
	Trend Micro	N/A	Trend Micro OfficeScan version 7.3 et versions antérieures.

References

Title

Publication Time

Tags

Bulletin de mise à jour Trend Micro	None	vendor-advisory
Bulletin de mise à jour de Trend Micro pour OfficeScan 6.5 et 7.3 :	-	other
Bulletin de mise à jour de Trend Micro pour OfficeScan 6.5 et 7.3 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Trend Micro OfficeScan version 6.5 et versions ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Trend Micro OfficeScan version 7.3 et versions ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le produit Trend Micro\nOfficeScan. Ces vuln\u00e9rabilit\u00e9s r\u00e9sultent d\u0027une mauvaise gestion de la\nm\u00e9moire par les modules Wizard.exe et CgiRemoteInstall.exe. Ces erreurs\npeuvent \u00eatre exploit\u00e9es par un utilisateur malintentionn\u00e9 afin\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n\nL\u0027attaquant doit cependant \u00eatre authentifi\u00e9 afin d\u0027exploiter cette\nvuln\u00e9rabilit\u00e9.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-6179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6179"
    },
    {
      "name": "CVE-2006-6180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6180"
    }
  ],
  "links": [
    {
      "title": "Bulletin de mise \u00e0 jour de Trend Micro pour OfficeScan 6.5    et 7.3 :",
      "url": "http://www.trendmicro.com/ftp/products/patches/OSCE_6.5_win_en_patch8.exe"
    },
    {
      "title": "Bulletin de mise \u00e0 jour de Trend Micro pour OfficeScan 6.5    et 7.3 :",
      "url": "http://www.trendmicro.com/ftp/products/patches/osce_73_win_en_patch1.1.exe"
    }
  ],
  "reference": "CERTA-2006-AVI-533",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-12-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le produit Trend Micro\nOfficeScan.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9 du produit Trend Micro Office Scan",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de mise \u00e0 jour Trend Micro",
      "url": null
    }
  ]
}

CVE-2006-6179 (GCVE-0-2006-6179)

Vulnerability from cvelistv5 – Published: 2006-11-30 23:00 – Updated: 2024-08-07 20:19

Summary

Buffer overflow in PCCSRV\Web_console\RemoteInstallCGI\CgiRemoteInstall.exe for Trend Micro OfficeScan 7.3 before build 7.3.0.1089 allows remote attackers to execute arbitrary code via unknown attack vectors.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.vupen.com/english/advisories/2006/4852	vdb-entryx_refsource_VUPEN
	http://solutionfile.trendmicro.com/SolutionFile/1…	x_refsource_MISC
	http://www.securityfocus.com/bid/21442	vdb-entryx_refsource_BID
	http://esupport.trendmicro.com/support/viewxml.do…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:19:34.929Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2006-4852",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4852"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://solutionfile.trendmicro.com/SolutionFile/1031753/en/Hotfix_Readme_OSCE7_3_B1089.txt"
          },
          {
            "name": "21442",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/21442"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1031753"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-06-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in PCCSRV\\Web_console\\RemoteInstallCGI\\CgiRemoteInstall.exe for Trend Micro OfficeScan 7.3 before build 7.3.0.1089 allows remote attackers to execute arbitrary code via unknown attack vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2006-12-08T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2006-4852",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4852"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://solutionfile.trendmicro.com/SolutionFile/1031753/en/Hotfix_Readme_OSCE7_3_B1089.txt"
        },
        {
          "name": "21442",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/21442"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1031753"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-6179",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in PCCSRV\\Web_console\\RemoteInstallCGI\\CgiRemoteInstall.exe for Trend Micro OfficeScan 7.3 before build 7.3.0.1089 allows remote attackers to execute arbitrary code via unknown attack vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2006-4852",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/4852"
            },
            {
              "name": "http://solutionfile.trendmicro.com/SolutionFile/1031753/en/Hotfix_Readme_OSCE7_3_B1089.txt",
              "refsource": "MISC",
              "url": "http://solutionfile.trendmicro.com/SolutionFile/1031753/en/Hotfix_Readme_OSCE7_3_B1089.txt"
            },
            {
              "name": "21442",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/21442"
            },
            {
              "name": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1031753",
              "refsource": "CONFIRM",
              "url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1031753"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-6179",
    "datePublished": "2006-11-30T23:00:00",
    "dateReserved": "2006-11-30T00:00:00",
    "dateUpdated": "2024-08-07T20:19:34.929Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-6180 (GCVE-0-2006-6180)

Vulnerability from cvelistv5 – Published: 2006-12-01 00:00 – Updated: 2024-08-07 20:19

Summary

Cross-site scripting (XSS) vulnerability in articles.asp in Expinion.net iNews Publisher (iNP) 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the hl parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://secunia.com/advisories/23123	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/21296	vdb-entryx_refsource_BID
	http://www.vupen.com/english/advisories/2006/4707	vdb-entryx_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:19:35.005Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "23123",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23123"
          },
          {
            "name": "21296",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/21296"
          },
          {
            "name": "ADV-2006-4707",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4707"
          },
          {
            "name": "inews-articles-xss(30510)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30510"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-11-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in articles.asp in Expinion.net iNews Publisher (iNP) 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the hl parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "23123",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23123"
        },
        {
          "name": "21296",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/21296"
        },
        {
          "name": "ADV-2006-4707",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4707"
        },
        {
          "name": "inews-articles-xss(30510)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30510"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-6180",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in articles.asp in Expinion.net iNews Publisher (iNP) 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the hl parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "23123",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23123"
            },
            {
              "name": "21296",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/21296"
            },
            {
              "name": "ADV-2006-4707",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/4707"
            },
            {
              "name": "inews-articles-xss(30510)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30510"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-6180",
    "datePublished": "2006-12-01T00:00:00",
    "dateReserved": "2006-11-30T00:00:00",
    "dateUpdated": "2024-08-07T20:19:35.005Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CERTA-2006-AVI-533

Description

Solution

CVE-2006-6179 (GCVE-0-2006-6179)

CVE-2006-6180 (GCVE-0-2006-6180)

Tags

Sightings

Nomenclature