VAR-201304-0023
Vulnerability from variot - Updated: 2023-12-18 12:38The SaveToFile method in a certain ActiveX control in TrendDisplay.dll in Canary Labs TrendLink 9.0.2.27051 and earlier does not properly restrict the creation of files, which allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a crafted web site. TrendLink provided by Canary Labs is a tool to help visualize data for analysis. The SaveToFile method provided in the ActiveX control in TrendLink contains a vulnerability where file creation is not properly restricted. Security Research and Service Institute - Information and Communication Security Technology Center (ICST), Taiwan R.O.C Kuang-Chun Hung reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.A remote attacker may create an arbitrary file on the system and as a result, arbitrary code may be executed. Canary Labs Trend Link is prone to a vulnerability caused by an insecure method. Attackers can exploit this issue to overwrite arbitrary files in the context of the application (typically Internet Explorer) that is using the ActiveX control, which may aid in a remote code execution or cause denial-of-service conditions. Canary Labs Trend Link 9.0.2.27051 and prior versions are vulnerable. An attacker could exploit this vulnerability to write arbitrary content to arbitrary files
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201304-0023",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "trendlink",
"scope": "lte",
"trust": 1.0,
"vendor": "canarylabs",
"version": "9.0.2.27051"
},
{
"model": "trendlink",
"scope": "lte",
"trust": 0.8,
"vendor": "canary",
"version": "9.0.2.27051"
},
{
"model": "trendlink",
"scope": "eq",
"trust": 0.6,
"vendor": "canarylabs",
"version": "9.0.2.27051"
},
{
"model": "labs trend link",
"scope": "eq",
"trust": 0.3,
"vendor": "canary",
"version": "9.0.2.27051"
}
],
"sources": [
{
"db": "BID",
"id": "58944"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002240"
},
{
"db": "NVD",
"id": "CVE-2012-3022"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-144"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:canarylabs:trendlink:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.0.2.27051",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3022"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kuang-Chun Hung",
"sources": [
{
"db": "BID",
"id": "58944"
}
],
"trust": 0.3
},
"cve": "CVE-2012-3022",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 8.5,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-3022",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"id": "VHN-56303",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-3022",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201304-144",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-56303",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56303"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002240"
},
{
"db": "NVD",
"id": "CVE-2012-3022"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-144"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The SaveToFile method in a certain ActiveX control in TrendDisplay.dll in Canary Labs TrendLink 9.0.2.27051 and earlier does not properly restrict the creation of files, which allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a crafted web site. TrendLink provided by Canary Labs is a tool to help visualize data for analysis. The SaveToFile method provided in the ActiveX control in TrendLink contains a vulnerability where file creation is not properly restricted. Security Research and Service Institute - Information and Communication Security Technology Center (ICST), Taiwan R.O.C Kuang-Chun Hung reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.A remote attacker may create an arbitrary file on the system and as a result, arbitrary code may be executed. Canary Labs Trend Link is prone to a vulnerability caused by an insecure method. \nAttackers can exploit this issue to overwrite arbitrary files in the context of the application (typically Internet Explorer) that is using the ActiveX control, which may aid in a remote code execution or cause denial-of-service conditions. \nCanary Labs Trend Link 9.0.2.27051 and prior versions are vulnerable. An attacker could exploit this vulnerability to write arbitrary content to arbitrary files",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3022"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002240"
},
{
"db": "BID",
"id": "58944"
},
{
"db": "VULHUB",
"id": "VHN-56303"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-3022",
"trust": 2.8
},
{
"db": "ICS CERT",
"id": "ICSA-13-098-01",
"trust": 2.8
},
{
"db": "JVN",
"id": "JVN30281958",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002240",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201304-144",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52939",
"trust": 0.6
},
{
"db": "BID",
"id": "58944",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-56303",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56303"
},
{
"db": "BID",
"id": "58944"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002240"
},
{
"db": "NVD",
"id": "CVE-2012-3022"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-144"
}
]
},
"id": "VAR-201304-0023",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-56303"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:38:34.933000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "TrendLink",
"trust": 0.8,
"url": "http://www.canarylabs.com/software/canary-trend-link"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002240"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56303"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002240"
},
{
"db": "NVD",
"id": "CVE-2012-3022"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://ics-cert.us-cert.gov/pdf/icsa-13-098-01.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3022"
},
{
"trust": 0.8,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-13-098-01"
},
{
"trust": 0.8,
"url": "http://jvn.jp/en/jp/jvn30281958/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3022"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52939"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/kb/240797"
},
{
"trust": 0.3,
"url": "http://www.canarylabs.com/software/canary-trend-link"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56303"
},
{
"db": "BID",
"id": "58944"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002240"
},
{
"db": "NVD",
"id": "CVE-2012-3022"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-144"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-56303"
},
{
"db": "BID",
"id": "58944"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002240"
},
{
"db": "NVD",
"id": "CVE-2012-3022"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-144"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-04-16T00:00:00",
"db": "VULHUB",
"id": "VHN-56303"
},
{
"date": "2013-04-08T00:00:00",
"db": "BID",
"id": "58944"
},
{
"date": "2014-07-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002240"
},
{
"date": "2013-04-16T14:04:30.683000",
"db": "NVD",
"id": "CVE-2012-3022"
},
{
"date": "2013-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-144"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-04-16T00:00:00",
"db": "VULHUB",
"id": "VHN-56303"
},
{
"date": "2013-04-08T00:00:00",
"db": "BID",
"id": "58944"
},
{
"date": "2014-07-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002240"
},
{
"date": "2013-04-16T15:21:09.667000",
"db": "NVD",
"id": "CVE-2012-3022"
},
{
"date": "2013-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-144"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201304-144"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Arbitrary program execution vulnerability in TrendLink ActiveX control",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002240"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201304-144"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…