var-201703-0719
Vulnerability from variot
Code injection vulnerability in Trend Micro Maximum Security 11.0 (and earlier), Internet Security 11.0 (and earlier), and Antivirus+ Security 11.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Trend Micro process via a "DoubleAgent" attack. One perspective on this issue is that (1) these products do not use the Protected Processes feature, and therefore an attacker can enter an arbitrary Application Verifier Provider DLL under Image File Execution Options in the registry; (2) the self-protection mechanism is intended to block all local processes (regardless of privileges) from modifying Image File Execution Options for these products; and (3) this mechanism can be bypassed by an attacker who temporarily renames Image File Execution Options during the attack. Multiple Trend Micro products are prone to a local code-injection vulnerability. A local attacker can exploit this issue to execute arbitrary code in the context of the system running the affected application; this can also result in the attacker gaining complete control of the affected application. Trend Micro Internet Security 11.0 and prior. Trend Micro Antivirus+ Security 11.0 and prior
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201703-0719",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "maximum security",
"scope": "eq",
"trust": 1.1,
"vendor": "trend micro",
"version": "11.0"
},
{
"model": "internet security",
"scope": "eq",
"trust": 1.1,
"vendor": "trend micro",
"version": "11.0"
},
{
"model": "antivirus\\+",
"scope": "lte",
"trust": 1.0,
"vendor": "trendmicro",
"version": "11.1.1005"
},
{
"model": "premium security",
"scope": "lte",
"trust": 1.0,
"vendor": "trendmicro",
"version": "11.1.1005"
},
{
"model": "internet security",
"scope": "lte",
"trust": 1.0,
"vendor": "trendmicro",
"version": "11.1.1005"
},
{
"model": "maximum security",
"scope": "lte",
"trust": 1.0,
"vendor": "trendmicro",
"version": "11.1.1005"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "11.0"
},
{
"model": "premium security",
"scope": null,
"trust": 0.8,
"vendor": "trend micro",
"version": null
},
{
"model": "maximum security",
"scope": "eq",
"trust": 0.6,
"vendor": "trendmicro",
"version": "11.1.1005"
},
{
"model": "internet security",
"scope": "eq",
"trust": 0.6,
"vendor": "trendmicro",
"version": "11.1.1005"
},
{
"model": "antivirus\\+",
"scope": "eq",
"trust": 0.6,
"vendor": "trendmicro",
"version": "11.1.1005"
},
{
"model": "premium security",
"scope": "eq",
"trust": 0.6,
"vendor": "trendmicro",
"version": "11.1.1005"
},
{
"model": "maximum security",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "10.0.1265"
},
{
"model": "maximum security",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "8.0.2063"
},
{
"model": "maximum security",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "8.0"
},
{
"model": "maximum security",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "10.0.1186"
},
{
"model": "maximum security",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "10.0"
},
{
"model": "internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "10.0.1265"
},
{
"model": "internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "8.0"
},
{
"model": "internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "10.0.1186"
},
{
"model": "internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "10.0"
},
{
"model": "antivirus+ security",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "11.0"
}
],
"sources": [
{
"db": "BID",
"id": "97031"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002759"
},
{
"db": "NVD",
"id": "CVE-2017-5565"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-938"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:trendmicro:premium_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.1.1005",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:trendmicro:maximum_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.1.1005",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:trendmicro:antivirus\\+:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.1.1005",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:trendmicro:internet_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.1.1005",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5565"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Michael Engstler",
"sources": [
{
"db": "BID",
"id": "97031"
}
],
"trust": 0.3
},
"cve": "CVE-2017-5565",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2017-5565",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-5565",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-5565",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201703-938",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002759"
},
{
"db": "NVD",
"id": "CVE-2017-5565"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-938"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Code injection vulnerability in Trend Micro Maximum Security 11.0 (and earlier), Internet Security 11.0 (and earlier), and Antivirus+ Security 11.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Trend Micro process via a \"DoubleAgent\" attack. One perspective on this issue is that (1) these products do not use the Protected Processes feature, and therefore an attacker can enter an arbitrary Application Verifier Provider DLL under Image File Execution Options in the registry; (2) the self-protection mechanism is intended to block all local processes (regardless of privileges) from modifying Image File Execution Options for these products; and (3) this mechanism can be bypassed by an attacker who temporarily renames Image File Execution Options during the attack. Multiple Trend Micro products are prone to a local code-injection vulnerability. \nA local attacker can exploit this issue to execute arbitrary code in the context of the system running the affected application; this can also result in the attacker gaining complete control of the affected application. \nTrend Micro Internet Security 11.0 and prior. \nTrend Micro Antivirus+ Security 11.0 and prior",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5565"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002759"
},
{
"db": "BID",
"id": "97031"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-5565",
"trust": 2.7
},
{
"db": "BID",
"id": "97031",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1038206",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002759",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201703-938",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "97031"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002759"
},
{
"db": "NVD",
"id": "CVE-2017-5565"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-938"
}
]
},
"id": "VAR-201703-0719",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.12407407
},
"last_update_date": "2023-12-18T13:14:24.074000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SECURITY BULLETIN: Trend Micro Products and the DoubleAgent Security Issue",
"trust": 0.8,
"url": "https://success.trendmicro.com/solution/1116957"
},
{
"title": "Trend Micro Maximum Security , Internet Security And Antivirus+ Security Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=68668"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002759"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-938"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-427",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002759"
},
{
"db": "NVD",
"id": "CVE-2017-5565"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/97031"
},
{
"trust": 1.9,
"url": "http://cybellum.com/doubleagentzero-day-code-injection-and-persistence-technique/"
},
{
"trust": 1.6,
"url": "http://cybellum.com/doubleagent-taking-full-control-antivirus/"
},
{
"trust": 1.6,
"url": "http://www.securitytracker.com/id/1038206"
},
{
"trust": 1.6,
"url": "https://success.trendmicro.com/solution/1116957"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5565"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5565"
},
{
"trust": 0.3,
"url": "http://www.trend.com"
}
],
"sources": [
{
"db": "BID",
"id": "97031"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002759"
},
{
"db": "NVD",
"id": "CVE-2017-5565"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-938"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "97031"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002759"
},
{
"db": "NVD",
"id": "CVE-2017-5565"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-938"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-21T00:00:00",
"db": "BID",
"id": "97031"
},
{
"date": "2017-04-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002759"
},
{
"date": "2017-03-21T16:59:00.287000",
"db": "NVD",
"id": "CVE-2017-5565"
},
{
"date": "2017-03-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-938"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-29T00:01:00",
"db": "BID",
"id": "97031"
},
{
"date": "2017-04-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002759"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-5565"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-938"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "97031"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-938"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Trend Micro Vulnerabilities related to authorization, authority, and access control in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002759"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-938"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.