cvelistv5 - cve-2018-6218

cve-2018-6218

Vulnerability from cvelistv5

Published

2018-02-16 22:00

Modified

2024-08-05 05:54

Severity ?

Summary

A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system.

References

URL	Tags
security@trendmicro.com	http://www.securityfocus.com/bid/103096	Third Party Advisory, VDB Entry
security@trendmicro.com	https://jvn.jp/jp/JVN28865183/	Third Party Advisory
security@trendmicro.com	https://success.trendmicro.com/jp/solution/1119348	Vendor Advisory
security@trendmicro.com	https://success.trendmicro.com/solution/1119326	Vendor Advisory

Impacted products

▼	Vendor	Product
	Trend Micro	Trend Micro User-Mode Hooking (UMH) Module

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:54:53.355Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "103096",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103096"
          },
          {
            "name": "JVN#28865183",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "https://jvn.jp/jp/JVN28865183/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/solution/1119326"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/jp/solution/1119348"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro User-Mode Hooking (UMH) Module",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "NA"
            }
          ]
        }
      ],
      "datePublic": "2018-02-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A DLL Hijacking vulnerability in Trend Micro\u0027s User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "DLL Hijacking",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-02-22T10:57:01",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "name": "103096",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103096"
        },
        {
          "name": "JVN#28865183",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "https://jvn.jp/jp/JVN28865183/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://success.trendmicro.com/solution/1119326"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://success.trendmicro.com/jp/solution/1119348"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2018-6218",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Trend Micro User-Mode Hooking (UMH) Module",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "NA"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Trend Micro"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A DLL Hijacking vulnerability in Trend Micro\u0027s User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "DLL Hijacking"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "103096",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103096"
            },
            {
              "name": "JVN#28865183",
              "refsource": "JVN",
              "url": "https://jvn.jp/jp/JVN28865183/"
            },
            {
              "name": "https://success.trendmicro.com/solution/1119326",
              "refsource": "CONFIRM",
              "url": "https://success.trendmicro.com/solution/1119326"
            },
            {
              "name": "https://success.trendmicro.com/jp/solution/1119348",
              "refsource": "MISC",
              "url": "https://success.trendmicro.com/jp/solution/1119348"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2018-6218",
    "datePublished": "2018-02-16T22:00:00",
    "dateReserved": "2018-01-25T00:00:00",
    "dateUpdated": "2024-08-05T05:54:53.355Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-6218\",\"sourceIdentifier\":\"security@trendmicro.com\",\"published\":\"2018-02-16T22:29:00.413\",\"lastModified\":\"2021-09-13T12:22:39.027\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A DLL Hijacking vulnerability in Trend Micro\u0027s User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de secuestro de DLL en Trend Micro\u0027s User-Mode Hooking Module (UMH) podr\u00eda permitir que un atacante ejecute c\u00f3digo arbitrario en un sistema vulnerable.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:P/I:P/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":5.1},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":4.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-426\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CC7B6BD-BAF1-4E0D-9BFB-6A9BE7D3AC40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security:10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29DDA171-30DC-4673-BE55-4A0DCBB3A504\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:endpoint_sensor:1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D8769B6-2E3A-41E1-B48F-68B740E6CC47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:officescan:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCB164BF-12B5-450F-9DDB-9A3FBD544F7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:officescan:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A78EAEA-1C69-4EAA-A994-C12DD477A49F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:security:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D3973C0-6707-431C-AADD-B6D9DD21A980\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:worry-free_business_security:9.5:*:*:*:advanced:*:*:*\",\"matchCriteriaId\":\"83B0011C-35D2-45E3-8ADE-B840CCC23437\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:worry-free_business_security:9.5:*:*:*:standard:*:*:*\",\"matchCriteriaId\":\"E14789E2-CD81-421C-88CE-C17C0E9D5326\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/103096\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://jvn.jp/jp/JVN28865183/\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://success.trendmicro.com/jp/solution/1119348\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://success.trendmicro.com/solution/1119326\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system. Multiple products provided by Trend Micro Incorporated contain an insecure DLL loading issue (CWE-427). When invoking the installers of other applications while the concerned products are installed to the PC, the DLL placed in the same directory as the the installers (of the other applications) may be insecurely loaded. Hidenori Ohta of Mitsubishi Electric Information Systems Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.Arbitrary code may be executed with the privilege of the user invoking the installer of other applications. A remote attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial of service condition

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201802-0931",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "endpoint sensor",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "trend micro",
        "version": "1.6"
      },
      {
        "model": "deep security",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "trend micro",
        "version": "10.0"
      },
      {
        "model": "worry-free business security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "trendmicro",
        "version": "9.5"
      },
      {
        "model": "security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "trendmicro",
        "version": "12.0"
      },
      {
        "model": "officescan",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "trendmicro",
        "version": "12.0"
      },
      {
        "model": "deep security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "trendmicro",
        "version": "10.1"
      },
      {
        "model": "officescan",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "trendmicro",
        "version": "11.0"
      },
      {
        "model": "endpoint sensor",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "trendmicro",
        "version": "1.6"
      },
      {
        "model": "deep security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "trendmicro",
        "version": "10.0"
      },
      {
        "model": "worry-free business security",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "trend micro",
        "version": "9.5"
      },
      {
        "model": "officescan",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "trend micro",
        "version": "11.0"
      },
      {
        "model": "deep security",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "trend micro",
        "version": "10.1"
      },
      {
        "model": "officescan",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "trend micro",
        "version": "version 11.0"
      },
      {
        "model": "officescan",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "trend micro",
        "version": "xg (version 12)"
      },
      {
        "model": "deep security",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "trend micro",
        "version": "10.1 (feature release)"
      },
      {
        "model": "security",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "trend micro",
        "version": "(consumer) all 2018 (v12) versions"
      },
      {
        "model": "worry-free business security",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "trend micro",
        "version": "version 9.5 (standard/advanced)"
      },
      {
        "model": "worry-free business security services",
        "scope": null,
        "trust": 0.8,
        "vendor": "trend micro",
        "version": null
      },
      {
        "model": "security",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "trend micro",
        "version": "12"
      },
      {
        "model": "officescan",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "trend micro",
        "version": "12"
      },
      {
        "model": "officescan",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "trend micro",
        "version": "12.0"
      },
      {
        "model": "premium security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "trend micro",
        "version": "12.0"
      },
      {
        "model": "officescan business security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "trend micro",
        "version": "9.5"
      },
      {
        "model": "officescan xg",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "trend micro",
        "version": "11"
      },
      {
        "model": "officescan xg",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "trend micro",
        "version": "(12.0)"
      },
      {
        "model": "maximum security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "trend micro",
        "version": "12.0"
      },
      {
        "model": "internet security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "trend micro",
        "version": "12.0"
      },
      {
        "model": "antivirus+ security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "trend micro",
        "version": "12.0"
      },
      {
        "model": "worry-free business security patch",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "trend micro",
        "version": "9.51"
      },
      {
        "model": "officescan business security patch (build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "trend micro",
        "version": "9.511"
      },
      {
        "model": "endpoint sensor update (cp",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "trend micro",
        "version": "1.63310"
      },
      {
        "model": "deep security",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "trend micro",
        "version": "10.2"
      },
      {
        "model": "deep security 10.0 u5 cp",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "trend micro",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "103096"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-000013"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-6218"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-873"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security:10.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trendmicro:endpoint_sensor:1.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trendmicro:officescan:11.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trendmicro:officescan:12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trendmicro:security:12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trendmicro:worry-free_business_security:9.5:*:*:*:advanced:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trendmicro:worry-free_business_security:9.5:*:*:*:standard:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-6218"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Hidenori Ohta of Mitsubishi Electric Information Systems Corporation.",
    "sources": [
      {
        "db": "BID",
        "id": "103096"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2018-6218",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.9,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "IPA",
            "availabilityImpact": "Partial",
            "baseScore": 6.8,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "JVNDB-2018-000013",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.9,
            "id": "VHN-136250",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:H/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.0,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "IPA",
            "availabilityImpact": "High",
            "baseScore": 7.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "JVNDB-2018-000013",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-6218",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "IPA",
            "id": "JVNDB-2018-000013",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201802-873",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-136250",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-136250"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-000013"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-6218"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-873"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A DLL Hijacking vulnerability in Trend Micro\u0027s User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system. Multiple products provided by Trend Micro Incorporated contain an insecure DLL loading issue (CWE-427). When invoking the installers of other applications while the concerned products are installed to the PC, the DLL placed in the same directory as the the installers (of the other applications) may be insecurely loaded. Hidenori Ohta of Mitsubishi Electric Information Systems Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.Arbitrary code may be executed with the privilege of the user invoking the installer of other applications. \nA remote attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial of service condition",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-6218"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-000013"
      },
      {
        "db": "BID",
        "id": "103096"
      },
      {
        "db": "VULHUB",
        "id": "VHN-136250"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-6218",
        "trust": 2.8
      },
      {
        "db": "JVN",
        "id": "JVN28865183",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "103096",
        "trust": 2.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-000013",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-873",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-136250",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-136250"
      },
      {
        "db": "BID",
        "id": "103096"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-000013"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-6218"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-873"
      }
    ]
  },
  "id": "VAR-201802-0931",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-136250"
      }
    ],
    "trust": 0.22407407000000001
  },
  "last_update_date": "2023-12-18T13:19:15.396000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Solution Id: 1119326",
        "trust": 0.8,
        "url": "https://success.trendmicro.com/solution/1119326"
      },
      {
        "title": "Trend Micro\u0027s User-Mode Hooking Module Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=159149"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-000013"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-873"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-426",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-Other",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-136250"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-000013"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-6218"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "https://success.trendmicro.com/solution/1119326"
      },
      {
        "trust": 2.0,
        "url": "https://jvn.jp/jp/jvn28865183/"
      },
      {
        "trust": 2.0,
        "url": "https://success.trendmicro.com/jp/solution/1119348"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/103096"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-6218"
      },
      {
        "trust": 0.8,
        "url": "https://www.ipa.go.jp/security/ciadr/vul/20180215-jvn.html"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/en/jp/jvn28865183/index.html"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/en/ta/jvnta91240916/index.html"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-6218"
      },
      {
        "trust": 0.3,
        "url": "http://www.trend.com"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-136250"
      },
      {
        "db": "BID",
        "id": "103096"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-000013"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-6218"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-873"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-136250"
      },
      {
        "db": "BID",
        "id": "103096"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-000013"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-6218"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-873"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-02-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-136250"
      },
      {
        "date": "2018-02-14T00:00:00",
        "db": "BID",
        "id": "103096"
      },
      {
        "date": "2018-02-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-000013"
      },
      {
        "date": "2018-02-16T22:29:00.413000",
        "db": "NVD",
        "id": "CVE-2018-6218"
      },
      {
        "date": "2018-02-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201802-873"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-08-30T00:00:00",
        "db": "VULHUB",
        "id": "VHN-136250"
      },
      {
        "date": "2018-02-14T00:00:00",
        "db": "BID",
        "id": "103096"
      },
      {
        "date": "2018-04-11T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-000013"
      },
      {
        "date": "2021-09-13T12:22:39.027000",
        "db": "NVD",
        "id": "CVE-2018-6218"
      },
      {
        "date": "2021-08-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201802-873"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-873"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Insecure DLL Loading issue in multiple Trend Micro products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-000013"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "code problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-873"
      }
    ],
    "trust": 0.6
  }
}

cve-2018-6218

Vulnerability from jvndb

Published

2018-02-15 16:39

Modified

2018-04-11 12:23

Severity ?

7.8 (High) - cvssV3_0 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

Insecure DLL Loading issue in multiple Trend Micro products

Details

Multiple products provided by Trend Micro Incorporated contain an insecure DLL loading issue (CWE-427). When invoking the installers of other applications while the concerned products are installed to the PC, the DLL placed in the same directory as the the installers (of the other applications) may be insecurely loaded. Hidenori Ohta of Mitsubishi Electric Information Systems Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

References

▼	Type	URL
	JVN	http://jvn.jp/en/jp/JVN28865183/index.html
	JVN	https://jvn.jp/en/ta/JVNTA91240916/index.html
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6218
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-6218
	IPA SECURITY ALERTS	https://www.ipa.go.jp/security/ciadr/vul/20180215-jvn.html
	No Mapping(CWE-Other)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

▼	Vendor	Product
	Trend Micro, Inc.	Worry-Free Business Security
	Trend Micro, Inc.	Worry-Free Business Security Services
	Trend Micro, Inc.	Trend Micro Deep Security
	Trend Micro, Inc.	Trend Micro Endpoint Sensor
	Trend Micro, Inc.	Trend Micro Security
	Trend Micro, Inc.	OfficeScan

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000013.html",
  "dc:date": "2018-04-11T12:23+09:00",
  "dcterms:issued": "2018-02-15T16:39+09:00",
  "dcterms:modified": "2018-04-11T12:23+09:00",
  "description": "Multiple products provided by Trend Micro Incorporated contain an insecure DLL loading issue (CWE-427).\r\n When invoking the installers of other applications while the concerned products are installed to the PC, the DLL placed in the same directory as the the installers (of the other applications) may be insecurely loaded.\r\n\r\nHidenori Ohta of Mitsubishi Electric Information Systems Corporation reported this vulnerability to IPA.\r\n JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000013.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:trendmicro:business_security",
      "@product": "Worry-Free Business Security",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:business_security_services",
      "@product": "Worry-Free Business Security Services",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:deep_security",
      "@product": "Trend Micro Deep Security",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:endpoint_sensor",
      "@product": "Trend Micro Endpoint Sensor",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:security",
      "@product": "Trend Micro Security",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:virus_baster_corporate_edition",
      "@product": "OfficeScan",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": [
    {
      "@score": "6.8",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
      "@version": "2.0"
    },
    {
      "@score": "7.8",
      "@severity": "High",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2018-000013",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN28865183/index.html",
      "@id": "JVN#28865183",
      "@source": "JVN"
    },
    {
      "#text": "https://jvn.jp/en/ta/JVNTA91240916/index.html",
      "@id": "JVNTA#91240916",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6218",
      "@id": "CVE-2018-6218",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-6218",
      "@id": "CVE-2018-6218",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/security/ciadr/vul/20180215-jvn.html",
      "@id": "Security Alert for Vulnerability in multiple Trend Micro products (JVN#28865183)",
      "@source": "IPA SECURITY ALERTS"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    }
  ],
  "title": "Insecure DLL Loading issue in multiple Trend Micro products"
}

gsd-2018-6218

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system.

Aliases

CVE-2018-6218

Aliases

CVE-2018-6218

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-6218",
    "description": "A DLL Hijacking vulnerability in Trend Micro\u0027s User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system.",
    "id": "GSD-2018-6218"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-6218"
      ],
      "details": "A DLL Hijacking vulnerability in Trend Micro\u0027s User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system.",
      "id": "GSD-2018-6218",
      "modified": "2023-12-13T01:22:35.034294Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@trendmicro.com",
        "ID": "CVE-2018-6218",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Trend Micro User-Mode Hooking (UMH) Module",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "NA"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Trend Micro"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A DLL Hijacking vulnerability in Trend Micro\u0027s User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "DLL Hijacking"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "103096",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/103096"
          },
          {
            "name": "JVN#28865183",
            "refsource": "JVN",
            "url": "https://jvn.jp/jp/JVN28865183/"
          },
          {
            "name": "https://success.trendmicro.com/solution/1119326",
            "refsource": "CONFIRM",
            "url": "https://success.trendmicro.com/solution/1119326"
          },
          {
            "name": "https://success.trendmicro.com/jp/solution/1119348",
            "refsource": "MISC",
            "url": "https://success.trendmicro.com/jp/solution/1119348"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security:10.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trendmicro:endpoint_sensor:1.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trendmicro:officescan:11.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trendmicro:officescan:12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trendmicro:security:12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trendmicro:worry-free_business_security:9.5:*:*:*:advanced:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trendmicro:worry-free_business_security:9.5:*:*:*:standard:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2018-6218"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A DLL Hijacking vulnerability in Trend Micro\u0027s User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-426"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://success.trendmicro.com/solution/1119326",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://success.trendmicro.com/solution/1119326"
            },
            {
              "name": "https://success.trendmicro.com/jp/solution/1119348",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://success.trendmicro.com/jp/solution/1119348"
            },
            {
              "name": "JVN#28865183",
              "refsource": "JVN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://jvn.jp/jp/JVN28865183/"
            },
            {
              "name": "103096",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/103096"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 4.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.0,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2021-09-13T12:22Z",
      "publishedDate": "2018-02-16T22:29Z"
    }
  }
}

ghsa-5h87-5cj8-gq98

Vulnerability from github

Published

2022-05-13 01:05

Modified

2022-05-13 01:05

Severity ?

7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-6218"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-426"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-02-16T22:29:00Z",
    "severity": "HIGH"
  },
  "details": "A DLL Hijacking vulnerability in Trend Micro\u0027s User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system.",
  "id": "GHSA-5h87-5cj8-gq98",
  "modified": "2022-05-13T01:05:59Z",
  "published": "2022-05-13T01:05:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6218"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/jp/JVN28865183"
    },
    {
      "type": "WEB",
      "url": "https://success.trendmicro.com/jp/solution/1119348"
    },
    {
      "type": "WEB",
      "url": "https://success.trendmicro.com/solution/1119326"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/103096"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2018-6218

Vulnerability from cvelistv5

var-201802-0931

Vulnerability from variot

cve-2018-6218

Vulnerability from jvndb

gsd-2018-6218

Vulnerability from gsd

ghsa-5h87-5cj8-gq98

Vulnerability from github

Tags

Sightings

Nomenclature