cvelistv5 - cve-2008-3865

CVE-2008-3865 (GCVE-0-2008-3865)

Vulnerability from cvelistv5 – Published: 2009-01-21 20:00 – Updated: 2024-08-07 09:53

Summary

Severity ?

No CVSS data available.

CWE

Assigner

flexera

References

URL

Tags

	http://www.securitytracker.com/id?1021615	vdb-entryx_refsource_SECTRACK
	http://secunia.com/secunia_research/2008-42/	x_refsource_MISC
	http://www.trendmicro.com/ftp/documentation/readm…	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/archive/1/500195/100…	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/33358	vdb-entryx_refsource_BID
	http://www.vupen.com/english/advisories/2009/0191	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/33609	third-party-advisoryx_refsource_SECUNIA
	http://securityreason.com/securityalert/4937	third-party-advisoryx_refsource_SREASON
	http://secunia.com/advisories/31160	third-party-advisoryx_refsource_SECUNIA
	http://www.securitytracker.com/id?1021614	vdb-entryx_refsource_SECTRACK

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:53:00.633Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1021615",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1021615"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2008-42/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt"
          },
          {
            "name": "tmpfw-apithread-bo(48107)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48107"
          },
          {
            "name": "20090120 Secunia Research: Trend Micro Network Security Component Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/500195/100/0/threaded"
          },
          {
            "name": "33358",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33358"
          },
          {
            "name": "ADV-2009-0191",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0191"
          },
          {
            "name": "33609",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33609"
          },
          {
            "name": "4937",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/4937"
          },
          {
            "name": "31160",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31160"
          },
          {
            "name": "1021614",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1021614"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-01-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple heap-based buffer overflows in the ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allow remote attackers to execute arbitrary code via a packet with a small value in an unspecified size field."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "shortName": "flexera"
      },
      "references": [
        {
          "name": "1021615",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1021615"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2008-42/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt"
        },
        {
          "name": "tmpfw-apithread-bo(48107)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48107"
        },
        {
          "name": "20090120 Secunia Research: Trend Micro Network Security Component Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/500195/100/0/threaded"
        },
        {
          "name": "33358",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33358"
        },
        {
          "name": "ADV-2009-0191",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0191"
        },
        {
          "name": "33609",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33609"
        },
        {
          "name": "4937",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/4937"
        },
        {
          "name": "31160",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31160"
        },
        {
          "name": "1021614",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1021614"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2008-3865",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple heap-based buffer overflows in the ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allow remote attackers to execute arbitrary code via a packet with a small value in an unspecified size field."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1021615",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1021615"
            },
            {
              "name": "http://secunia.com/secunia_research/2008-42/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2008-42/"
            },
            {
              "name": "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt",
              "refsource": "CONFIRM",
              "url": "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt"
            },
            {
              "name": "tmpfw-apithread-bo(48107)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48107"
            },
            {
              "name": "20090120 Secunia Research: Trend Micro Network Security Component Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/500195/100/0/threaded"
            },
            {
              "name": "33358",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33358"
            },
            {
              "name": "ADV-2009-0191",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0191"
            },
            {
              "name": "33609",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33609"
            },
            {
              "name": "4937",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/4937"
            },
            {
              "name": "31160",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31160"
            },
            {
              "name": "1021614",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1021614"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
    "assignerShortName": "flexera",
    "cveId": "CVE-2008-3865",
    "datePublished": "2009-01-21T20:00:00",
    "dateReserved": "2008-08-29T00:00:00",
    "dateUpdated": "2024-08-07T09:53:00.633Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trend_micro:internet_security_2007:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C374395B-80B1-4FBA-88F6-1C155900E4DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trend_micro:internet_security_2008:17.0.1224:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F794E937-C7EC-423B-AF79-F7C214114BCF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trend_micro:officescan:8.0:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A220318-78FB-4D3B-968D-7B0BF3BB1969\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Multiple heap-based buffer overflows in the ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allow remote attackers to execute arbitrary code via a packet with a small value in an unspecified size field.\"}, {\"lang\": \"es\", \"value\": \"M\\u00faltiples desbordamientos de b\\u00fafer basados en mont\\u00edculo en la funci\\u00f3n ApiThread en el servicio de cortafuegos (tambi\\u00e9n conocido como TmPfw.exe) en los m\\u00f3dulos Trend Micro Network Security Component (NSC), del modo que se usan en Trend Micro OfficeScan 8.0 SP1 Patch 1 e Internet Security 2007 y 2008 17.0.1224, permite a atacantes remotos ejecutar c\\u00f3digo de su elecci\\u00f3n mediante un paquete con un valor peque\\u00f1o en un campo de tama\\u00f1o no especificado.\"}]",
      "id": "CVE-2008-3865",
      "lastModified": "2024-11-21T00:50:18.470",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2009-01-21T20:30:00.203",
      "references": "[{\"url\": \"http://secunia.com/advisories/31160\", \"source\": \"PSIRT-CNA@flexerasoftware.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/33609\", \"source\": \"PSIRT-CNA@flexerasoftware.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/secunia_research/2008-42/\", \"source\": \"PSIRT-CNA@flexerasoftware.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securityreason.com/securityalert/4937\", \"source\": \"PSIRT-CNA@flexerasoftware.com\"}, {\"url\": \"http://www.securityfocus.com/archive/1/500195/100/0/threaded\", \"source\": \"PSIRT-CNA@flexerasoftware.com\"}, {\"url\": \"http://www.securityfocus.com/bid/33358\", \"source\": \"PSIRT-CNA@flexerasoftware.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.securitytracker.com/id?1021614\", \"source\": \"PSIRT-CNA@flexerasoftware.com\"}, {\"url\": \"http://www.securitytracker.com/id?1021615\", \"source\": \"PSIRT-CNA@flexerasoftware.com\"}, {\"url\": \"http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt\", \"source\": \"PSIRT-CNA@flexerasoftware.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/0191\", \"source\": \"PSIRT-CNA@flexerasoftware.com\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/48107\", \"source\": \"PSIRT-CNA@flexerasoftware.com\"}, {\"url\": \"http://secunia.com/advisories/31160\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/33609\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/secunia_research/2008-42/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securityreason.com/securityalert/4937\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/500195/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/33358\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.securitytracker.com/id?1021614\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1021615\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/0191\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/48107\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-3865\",\"sourceIdentifier\":\"PSIRT-CNA@flexerasoftware.com\",\"published\":\"2009-01-21T20:30:00.203\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple heap-based buffer overflows in the ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allow remote attackers to execute arbitrary code via a packet with a small value in an unspecified size field.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples desbordamientos de b\u00fafer basados en mont\u00edculo en la funci\u00f3n ApiThread en el servicio de cortafuegos (tambi\u00e9n conocido como TmPfw.exe) en los m\u00f3dulos Trend Micro Network Security Component (NSC), del modo que se usan en Trend Micro OfficeScan 8.0 SP1 Patch 1 e Internet Security 2007 y 2008 17.0.1224, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un paquete con un valor peque\u00f1o en un campo de tama\u00f1o no especificado.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trend_micro:internet_security_2007:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C374395B-80B1-4FBA-88F6-1C155900E4DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trend_micro:internet_security_2008:17.0.1224:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F794E937-C7EC-423B-AF79-F7C214114BCF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trend_micro:officescan:8.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A220318-78FB-4D3B-968D-7B0BF3BB1969\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/31160\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/33609\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/secunia_research/2008-42/\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/4937\",\"source\":\"PSIRT-CNA@flexerasoftware.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/500195/100/0/threaded\",\"source\":\"PSIRT-CNA@flexerasoftware.com\"},{\"url\":\"http://www.securityfocus.com/bid/33358\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securitytracker.com/id?1021614\",\"source\":\"PSIRT-CNA@flexerasoftware.com\"},{\"url\":\"http://www.securitytracker.com/id?1021615\",\"source\":\"PSIRT-CNA@flexerasoftware.com\"},{\"url\":\"http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/0191\",\"source\":\"PSIRT-CNA@flexerasoftware.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/48107\",\"source\":\"PSIRT-CNA@flexerasoftware.com\"},{\"url\":\"http://secunia.com/advisories/31160\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/33609\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/secunia_research/2008-42/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/4937\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/500195/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/33358\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securitytracker.com/id?1021614\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1021615\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/0191\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/48107\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CERTA-2009-AVI-026

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités affectant Trend Micro OfficeScan permettent à une personne malintentionnée d'effectuer un déni de service, d'exécuter du code arbitraire ou de contourner la politique de sécurité.

Description

De multiples vulnérabilités ont été découvertes dans Trend Micro OfficeScan :

des erreurs dans la validation des entrées dans le service OfficeScan NT Firewall permettent d'exécuter du code arbitraire avec les droits SYSTEM ou de provoquer un déni de service ;
une manipulation de la configuration est possible pour un utilisateur local via des paquets spécialement conçus malgré la restriction par mot de passe activée pour manipuler l'interface de configuration.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Trend Micro OfficeScan version 8.x.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Trend Micro du 16 janvier 2009

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eTrend Micro OfficeScan version 8.x.\u003c/P\u003e",
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Trend Micro\nOfficeScan :\n\n-   des erreurs dans la validation des entr\u00e9es dans le service\n    OfficeScan NT Firewall permettent d\u0027ex\u00e9cuter du code arbitraire avec\n    les droits SYSTEM ou de provoquer un d\u00e9ni de service ;\n-   une manipulation de la configuration est possible pour un\n    utilisateur local via des paquets sp\u00e9cialement con\u00e7us malgr\u00e9 la\n    restriction par mot de passe activ\u00e9e pour manipuler l\u0027interface de\n    configuration.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-3864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3864"
    },
    {
      "name": "CVE-2008-3866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3866"
    },
    {
      "name": "CVE-2008-3865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3865"
    }
  ],
  "links": [],
  "reference": "CERTA-2009-AVI-026",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-01-21T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s affectant Trend Micro OfficeScan permettent \u00e0\nune personne malintentionn\u00e9e d\u0027effectuer un d\u00e9ni de service, d\u0027ex\u00e9cuter\ndu code arbitraire ou de contourner la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Trend Micro OfficeScan",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Trend Micro du 16 janvier 2009",
      "url": "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt"
    }
  ]
}

CERTA-2009-AVI-026

Vulnerability from certfr_avis - Published: - Updated:

Description

De multiples vulnérabilités ont été découvertes dans Trend Micro OfficeScan :

des erreurs dans la validation des entrées dans le service OfficeScan NT Firewall permettent d'exécuter du code arbitraire avec les droits SYSTEM ou de provoquer un déni de service ;
une manipulation de la configuration est possible pour un utilisateur local via des paquets spécialement conçus malgré la restriction par mot de passe activée pour manipuler l'interface de configuration.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Trend Micro OfficeScan version 8.x.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Trend Micro du 16 janvier 2009

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eTrend Micro OfficeScan version 8.x.\u003c/P\u003e",
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Trend Micro\nOfficeScan :\n\n-   des erreurs dans la validation des entr\u00e9es dans le service\n    OfficeScan NT Firewall permettent d\u0027ex\u00e9cuter du code arbitraire avec\n    les droits SYSTEM ou de provoquer un d\u00e9ni de service ;\n-   une manipulation de la configuration est possible pour un\n    utilisateur local via des paquets sp\u00e9cialement con\u00e7us malgr\u00e9 la\n    restriction par mot de passe activ\u00e9e pour manipuler l\u0027interface de\n    configuration.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-3864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3864"
    },
    {
      "name": "CVE-2008-3866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3866"
    },
    {
      "name": "CVE-2008-3865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3865"
    }
  ],
  "links": [],
  "reference": "CERTA-2009-AVI-026",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-01-21T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s affectant Trend Micro OfficeScan permettent \u00e0\nune personne malintentionn\u00e9e d\u0027effectuer un d\u00e9ni de service, d\u0027ex\u00e9cuter\ndu code arbitraire ou de contourner la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Trend Micro OfficeScan",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Trend Micro du 16 janvier 2009",
      "url": "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt"
    }
  ]
}

GHSA-HXVH-X39F-F92F

Vulnerability from github – Published: 2022-05-02 00:04 – Updated: 2025-04-09 04:03

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-3865"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-01-21T20:30:00Z",
    "severity": "HIGH"
  },
  "details": "Multiple heap-based buffer overflows in the ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allow remote attackers to execute arbitrary code via a packet with a small value in an unspecified size field.",
  "id": "GHSA-hxvh-x39f-f92f",
  "modified": "2025-04-09T04:03:12Z",
  "published": "2022-05-02T00:04:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3865"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48107"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31160"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/33609"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/secunia_research/2008-42"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/4937"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/500195/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/33358"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1021614"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1021615"
    },
    {
      "type": "WEB",
      "url": "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/0191"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2008-3865

Vulnerability from fkie_nvd - Published: 2009-01-21 20:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/31160	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/33609	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2008-42/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://securityreason.com/securityalert/4937
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/archive/1/500195/100/0/threaded
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/bid/33358	Patch
PSIRT-CNA@flexerasoftware.com	http://www.securitytracker.com/id?1021614
PSIRT-CNA@flexerasoftware.com	http://www.securitytracker.com/id?1021615
PSIRT-CNA@flexerasoftware.com	http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://www.vupen.com/english/advisories/2009/0191
PSIRT-CNA@flexerasoftware.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/48107
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31160	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/33609	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2008-42/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/4937
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/500195/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/33358	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1021614
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1021615
af854a3a-2127-422b-91ae-364da2661108	http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/0191
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/48107

Impacted products

Vendor	Product	Version
trend_micro	internet_security_2007	*
trend_micro	internet_security_2008	17.0.1224
trend_micro	officescan	8.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:trend_micro:internet_security_2007:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C374395B-80B1-4FBA-88F6-1C155900E4DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trend_micro:internet_security_2008:17.0.1224:*:*:*:*:*:*:*",
              "matchCriteriaId": "F794E937-C7EC-423B-AF79-F7C214114BCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trend_micro:officescan:8.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "9A220318-78FB-4D3B-968D-7B0BF3BB1969",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple heap-based buffer overflows in the ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allow remote attackers to execute arbitrary code via a packet with a small value in an unspecified size field."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer basados en mont\u00edculo en la funci\u00f3n ApiThread en el servicio de cortafuegos (tambi\u00e9n conocido como TmPfw.exe) en los m\u00f3dulos Trend Micro Network Security Component (NSC), del modo que se usan en Trend Micro OfficeScan 8.0 SP1 Patch 1 e Internet Security 2007 y 2008 17.0.1224, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un paquete con un valor peque\u00f1o en un campo de tama\u00f1o no especificado."
    }
  ],
  "id": "CVE-2008-3865",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-01-21T20:30:00.203",
  "references": [
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31160"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33609"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2008-42/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://securityreason.com/securityalert/4937"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/500195/100/0/threaded"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/33358"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securitytracker.com/id?1021614"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securitytracker.com/id?1021615"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2009/0191"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48107"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31160"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33609"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2008-42/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/4937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/500195/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/33358"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1021614"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1021615"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0191"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48107"
    }
  ],
  "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-200901-0446

Vulnerability from variot - Updated: 2022-05-04 09:31

Multiple heap-based buffer overflows in the ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allow remote attackers to execute arbitrary code via a packet with a small value in an unspecified size field. Successful exploits may allow an attacker to crash an affected application, execute arbitrary code, or bypass security. These issues affect the following: Trend Micro OfficeScan Corporate Edition 8.0 SP1 Patch 1 Trend Micro Internet Security 2008 Trend Micro Internet Security Pro 2008 Trend Micro PC-cillin Internet Security 2007.

3) Missing authentication to the Trend Micro Personal Firewall service (TmPfw.exe) listening on port 40000/TCP by default can be exploited by any local user to manipulate the firewall configuration via specially crafted packets regardless of whether password restriction has been enabled for the configuration interface.

The vulnerabilities are confirmed in versions 16.10.1063 and 16.10.1079. Other versions may also be affected.

ORIGINAL ADVISORY: Secunia Research: http://secunia.com/secunia_research/2008-42/ http://secunia.com/secunia_research/2008-43/

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

====================================================================== 2) Severity

Rating: Less critical Impact: Denial of Service Privilege Escalation Where: Local system

====================================================================== 3) Vendor's Description of Software

"Trend Micro Internet Security provides smart, up-to-date protection for your home network against present and future threats without slowing down your PC.". These can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially gain escalated privileges.

1) Input validation errors exist in the firewall service (TmPfw.exe) within the "ApiThread()" function when processing packets sent to the service (by default port 40000/TCP). These can be exploited to cause heap-based buffer overflows via specially crafted packets containing a small value in a size field.

2) Input validation errors exist in the firewall service (TmPfw.exe) within the "ApiThread()" function when processing packets sent to the service (by default port 40000/TCP). These can be exploited to crash the service via specially crafted packets containing an overly large value in a size field.

====================================================================== 5) Solution

Apply patch for OfficeScan 8.0 SP1 Patch 1.

====================================================================== 6) Time Table

17/10/2008 - Vendor notified. 18/10/2008 - Vendor response. 14/12/2008 - Vendor provides hotfix for testing. 19/12/2008 - Vendor informed that hotfix fixes vulnerabilities. 18/01/2009 - Vendor issues fix for OfficeScan 8.0 SP1 Patch 1. 20/01/2009 - Public disclosure.

====================================================================== 7) Credits

Discovered by Carsten Eiram, Secunia Research.

====================================================================== 8) References

The Common Vulnerabilities and Exposures (CVE) project has assigned the following CVE identifiers:

CVE-2008-3864 (DoS via large size value)
CVE-2008-3865 (buffer overflow)

Trend Micro: http://www.trendmicro.com/ftp/documentation/readme/ OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt

====================================================================== 9) About Secunia

Secunia offers vulnerability management solutions to corporate customers with verified and reliable vulnerability intelligence relevant to their specific system configuration:

http://secunia.com/advisories/business_solutions/

Secunia also provides a publicly accessible and comprehensive advisory database as a service to the security community and private individuals, who are interested in or concerned about IT-security.

http://secunia.com/advisories/

Secunia believes that it is important to support the community and to do active vulnerability research in order to aid improving the security and reliability of software in general:

http://secunia.com/secunia_research/

Secunia regularly hires new skilled team members. Check the URL below to see currently vacant positions:

http://secunia.com/corporate/jobs/

Secunia offers a FREE mailing list called Secunia Security Advisories:

http://secunia.com/advisories/mailing_lists/

====================================================================== 10) Verification

Please verify this advisory by visiting the Secunia website: http://secunia.com/secunia_research/2008-42/

Complete list of vulnerability reports published by Secunia Research: http://secunia.com/secunia_research/

======================================================================

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200901-0446",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "officescan",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "trend micro",
        "version": "8.0"
      },
      {
        "model": "internet security 2008",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "trend micro",
        "version": "17.0.1224"
      },
      {
        "model": "internet security 2007",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "trend micro",
        "version": "*"
      },
      {
        "model": "internet security",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "trend micro",
        "version": "2007"
      },
      {
        "model": "internet security",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "trend micro",
        "version": "2008 17.0.1224"
      },
      {
        "model": "officescan",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "trend micro",
        "version": "8.0 sp1 patch 1"
      },
      {
        "model": "internet security 2007",
        "scope": null,
        "trust": 0.6,
        "vendor": "trend micro",
        "version": null
      },
      {
        "model": "pc-cillin internet security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "trend micro",
        "version": "2007"
      },
      {
        "model": "officescan corporate edition sp1 patch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "trend micro",
        "version": "8.01"
      },
      {
        "model": "internet security pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "trend micro",
        "version": "2008"
      },
      {
        "model": "internet security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "trend micro",
        "version": "2008"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "33358"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005297"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200901-236"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3865"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:trend_micro:internet_security_2007:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trend_micro:internet_security_2008:17.0.1224:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trend_micro:officescan:8.0:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-3865"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Carsten Eiram",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "74169"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200901-236"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2008-3865",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 10.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2008-3865",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 1.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2008-3865",
            "trust": 1.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200901-236",
            "trust": 0.6,
            "value": "CRITICAL"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005297"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200901-236"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3865"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple heap-based buffer overflows in the ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allow remote attackers to execute arbitrary code via a packet with a small value in an unspecified size field. \nSuccessful exploits may allow an attacker to crash an affected application, execute arbitrary code, or bypass security. \nThese issues affect the following:\nTrend Micro OfficeScan Corporate Edition 8.0 SP1 Patch 1\nTrend Micro Internet Security 2008\nTrend Micro Internet Security Pro 2008\nTrend Micro PC-cillin Internet Security 2007. \n\n3) Missing authentication to the Trend Micro Personal Firewall\nservice (TmPfw.exe) listening on port 40000/TCP by default can be\nexploited by any local user to manipulate the firewall configuration\nvia specially crafted packets regardless of whether password\nrestriction has been enabled for the configuration interface. \n\nThe vulnerabilities are confirmed in versions 16.10.1063 and\n16.10.1079. Other versions may also be affected. \n\nORIGINAL ADVISORY:\nSecunia Research:\nhttp://secunia.com/secunia_research/2008-42/\nhttp://secunia.com/secunia_research/2008-43/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\n====================================================================== \n2) Severity \n\nRating: Less critical\nImpact: Denial of Service\n\tPrivilege Escalation\nWhere:  Local system\n\n====================================================================== \n3) Vendor\u0027s Description of Software \n\n\"Trend Micro Internet Security provides smart, up-to-date protection\nfor your home network against present and future threats without\nslowing down your PC.\". \nThese can be exploited by malicious, local users to cause a DoS \n(Denial of Service) or potentially gain escalated privileges. \n\n1) Input validation errors exist in the firewall service (TmPfw.exe) \nwithin the \"ApiThread()\" function when processing packets sent to the \nservice (by default port 40000/TCP). These can be exploited to cause \nheap-based buffer overflows via specially crafted packets containing a\nsmall value in a size field. \n\n2) Input validation errors exist in the firewall service (TmPfw.exe) \nwithin the \"ApiThread()\" function when processing packets sent to the\nservice (by default port 40000/TCP). These can be exploited to crash \nthe service via specially crafted packets containing an overly large \nvalue in a size field. \n\n====================================================================== \n5) Solution \n\nApply patch for OfficeScan 8.0 SP1 Patch 1. \n\n====================================================================== \n6) Time Table \n\n17/10/2008 - Vendor notified. \n18/10/2008 - Vendor response. \n14/12/2008 - Vendor provides hotfix for testing. \n19/12/2008 - Vendor informed that hotfix fixes vulnerabilities. \n18/01/2009 - Vendor issues fix for OfficeScan 8.0 SP1 Patch 1. \n20/01/2009 - Public disclosure. \n\n====================================================================== \n7) Credits \n\nDiscovered by Carsten Eiram, Secunia Research. \n\n====================================================================== \n8) References\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned \nthe following CVE identifiers:\n\n* CVE-2008-3864 (DoS via large size value)\n* CVE-2008-3865 (buffer overflow)\n\nTrend Micro:\nhttp://www.trendmicro.com/ftp/documentation/readme/\nOSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt\n\n====================================================================== \n9) About Secunia\n\nSecunia offers vulnerability management solutions to corporate\ncustomers with verified and reliable vulnerability intelligence\nrelevant to their specific system configuration:\n\nhttp://secunia.com/advisories/business_solutions/\n\nSecunia also provides a publicly accessible and comprehensive advisory\ndatabase as a service to the security community and private \nindividuals, who are interested in or concerned about IT-security. \n\nhttp://secunia.com/advisories/\n\nSecunia believes that it is important to support the community and to\ndo active vulnerability research in order to aid improving the \nsecurity and reliability of software in general:\n\nhttp://secunia.com/secunia_research/\n\nSecunia regularly hires new skilled team members. Check the URL below\nto see currently vacant positions:\n\nhttp://secunia.com/corporate/jobs/\n\nSecunia offers a FREE mailing list called Secunia Security Advisories:\n\nhttp://secunia.com/advisories/mailing_lists/\n\n====================================================================== \n10) Verification \n\nPlease verify this advisory by visiting the Secunia website:\nhttp://secunia.com/secunia_research/2008-42/\n\nComplete list of vulnerability reports published by Secunia Research:\nhttp://secunia.com/secunia_research/\n\n======================================================================\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-3865"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005297"
      },
      {
        "db": "BID",
        "id": "33358"
      },
      {
        "db": "PACKETSTORM",
        "id": "74111"
      },
      {
        "db": "PACKETSTORM",
        "id": "74169"
      },
      {
        "db": "PACKETSTORM",
        "id": "74109"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2008-3865",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "33358",
        "trust": 1.9
      },
      {
        "db": "SECUNIA",
        "id": "31160",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "33609",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1021614",
        "trust": 1.6
      },
      {
        "db": "SECTRACK",
        "id": "1021615",
        "trust": 1.6
      },
      {
        "db": "SREASON",
        "id": "4937",
        "trust": 1.6
      },
      {
        "db": "VUPEN",
        "id": "ADV-2009-0191",
        "trust": 1.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005297",
        "trust": 0.8
      },
      {
        "db": "XF",
        "id": "48107",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20090120 SECUNIA RESEARCH: TREND MICRO NETWORK SECURITY COMPONENT VULNERABILITIES",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200901-236",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "74111",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "74169",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "74109",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "33358"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005297"
      },
      {
        "db": "PACKETSTORM",
        "id": "74111"
      },
      {
        "db": "PACKETSTORM",
        "id": "74169"
      },
      {
        "db": "PACKETSTORM",
        "id": "74109"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200901-236"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3865"
      }
    ]
  },
  "id": "VAR-200901-0446",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 1.0
  },
  "last_update_date": "2022-05-04T09:31:05.129000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Critical Patch - Server Build 3191 and NSC module Build 1045",
        "trust": 0.8,
        "url": "http://www.trendmicro.com/ftp/documentation/readme/osce8.0_sp1_patch1_criticalpatch_3191_readme.txt"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005297"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005297"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3865"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.2,
        "url": "http://secunia.com/secunia_research/2008-42/"
      },
      {
        "trust": 2.0,
        "url": "http://www.trendmicro.com/ftp/documentation/readme/osce8.0_sp1_patch1_criticalpatch_3191_readme.txt"
      },
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/33358"
      },
      {
        "trust": 1.6,
        "url": "http://www.securitytracker.com/id?1021615"
      },
      {
        "trust": 1.6,
        "url": "http://www.securitytracker.com/id?1021614"
      },
      {
        "trust": 1.6,
        "url": "http://securityreason.com/securityalert/4937"
      },
      {
        "trust": 1.6,
        "url": "http://secunia.com/advisories/33609"
      },
      {
        "trust": 1.6,
        "url": "http://secunia.com/advisories/31160"
      },
      {
        "trust": 1.0,
        "url": "http://www.vupen.com/english/advisories/2009/0191"
      },
      {
        "trust": 1.0,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48107"
      },
      {
        "trust": 1.0,
        "url": "http://www.securityfocus.com/archive/1/500195/100/0/threaded"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3865"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3865"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/48107"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/500195/100/0/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2009/0191"
      },
      {
        "trust": 0.5,
        "url": "http://secunia.com/secunia_research/2008-43/"
      },
      {
        "trust": 0.3,
        "url": "http://uk.trendmicro-europe.com/enterprise/products/groups.php?prodgroup=3\u0026family=5"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/500195"
      },
      {
        "trust": 0.3,
        "url": "http://secunia.com/advisories/business_solutions/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/product/16916/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/product/16915/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/product/13436/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/31160/"
      },
      {
        "trust": 0.1,
        "url": "http://www.trendmicro.com/ftp/documentation/readme/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_research/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/corporate/jobs/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/mailing_lists/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-3865"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-3864"
      },
      {
        "trust": 0.1,
        "url": "http://us.trendmicro.com/us/products/personal/internet-security/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/product/14630/"
      },
      {
        "trust": 0.1,
        "url": "http://www.trendmicro.com/ftp/products/patches/osce_8.0_sp1_patch1_win_en_criticalpatch_b3191.exe"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/33609/"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "33358"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005297"
      },
      {
        "db": "PACKETSTORM",
        "id": "74111"
      },
      {
        "db": "PACKETSTORM",
        "id": "74169"
      },
      {
        "db": "PACKETSTORM",
        "id": "74109"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200901-236"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3865"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "33358"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005297"
      },
      {
        "db": "PACKETSTORM",
        "id": "74111"
      },
      {
        "db": "PACKETSTORM",
        "id": "74169"
      },
      {
        "db": "PACKETSTORM",
        "id": "74109"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200901-236"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3865"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-01-20T00:00:00",
        "db": "BID",
        "id": "33358"
      },
      {
        "date": "2012-12-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-005297"
      },
      {
        "date": "2009-01-20T15:48:37",
        "db": "PACKETSTORM",
        "id": "74111"
      },
      {
        "date": "2009-01-21T02:19:03",
        "db": "PACKETSTORM",
        "id": "74169"
      },
      {
        "date": "2009-01-20T15:48:31",
        "db": "PACKETSTORM",
        "id": "74109"
      },
      {
        "date": "2009-01-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200901-236"
      },
      {
        "date": "2009-01-21T20:30:00",
        "db": "NVD",
        "id": "CVE-2008-3865"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-02-06T16:18:00",
        "db": "BID",
        "id": "33358"
      },
      {
        "date": "2012-12-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-005297"
      },
      {
        "date": "2022-03-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200901-236"
      },
      {
        "date": "2018-10-11T20:50:00",
        "db": "NVD",
        "id": "CVE-2008-3865"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200901-236"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Trend Micro NSC Module firewall heap-based buffer overflow vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005297"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200901-236"
      }
    ],
    "trust": 0.6
  }
}

GSD-2008-3865

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2008-3865

Aliases

CVE-2008-3865

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-3865",
    "description": "Multiple heap-based buffer overflows in the ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allow remote attackers to execute arbitrary code via a packet with a small value in an unspecified size field.",
    "id": "GSD-2008-3865"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-3865"
      ],
      "details": "Multiple heap-based buffer overflows in the ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allow remote attackers to execute arbitrary code via a packet with a small value in an unspecified size field.",
      "id": "GSD-2008-3865",
      "modified": "2023-12-13T01:23:05.012105Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
        "ID": "CVE-2008-3865",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple heap-based buffer overflows in the ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allow remote attackers to execute arbitrary code via a packet with a small value in an unspecified size field."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1021615",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1021615"
          },
          {
            "name": "http://secunia.com/secunia_research/2008-42/",
            "refsource": "MISC",
            "url": "http://secunia.com/secunia_research/2008-42/"
          },
          {
            "name": "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt",
            "refsource": "CONFIRM",
            "url": "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt"
          },
          {
            "name": "tmpfw-apithread-bo(48107)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48107"
          },
          {
            "name": "20090120 Secunia Research: Trend Micro Network Security Component Vulnerabilities",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/500195/100/0/threaded"
          },
          {
            "name": "33358",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/33358"
          },
          {
            "name": "ADV-2009-0191",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/0191"
          },
          {
            "name": "33609",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/33609"
          },
          {
            "name": "4937",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/4937"
          },
          {
            "name": "31160",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/31160"
          },
          {
            "name": "1021614",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1021614"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:trend_micro:internet_security_2007:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trend_micro:internet_security_2008:17.0.1224:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trend_micro:officescan:8.0:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2008-3865"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple heap-based buffer overflows in the ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allow remote attackers to execute arbitrary code via a packet with a small value in an unspecified size field."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "33358",
              "refsource": "BID",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/33358"
            },
            {
              "name": "31160",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/31160"
            },
            {
              "name": "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt"
            },
            {
              "name": "http://secunia.com/secunia_research/2008-42/",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/secunia_research/2008-42/"
            },
            {
              "name": "33609",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/33609"
            },
            {
              "name": "4937",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/4937"
            },
            {
              "name": "1021615",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1021615"
            },
            {
              "name": "1021614",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1021614"
            },
            {
              "name": "ADV-2009-0191",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2009/0191"
            },
            {
              "name": "tmpfw-apithread-bo(48107)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48107"
            },
            {
              "name": "20090120 Secunia Research: Trend Micro Network Security Component Vulnerabilities",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/500195/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-11T20:50Z",
      "publishedDate": "2009-01-21T20:30Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2008-3865 (GCVE-0-2008-3865)

CERTA-2009-AVI-026

Description

Solution

CERTA-2009-AVI-026

Description

Solution

GHSA-HXVH-X39F-F92F

FKIE_CVE-2008-3865

VAR-200901-0446

GSD-2008-3865

Tags

Sightings

Nomenclature