19 results (0.004 seconds)

CVSS: 7.2EPSS: 0%CPEs: 25EXPL: 0

An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability. Una vulnerabilidad de comprobación de entrada que se encuentra en varios productos de Trend Micro que usan una versión particular de un controlador de protección de rootkit específico, podría permitir a un atacante en modo usuario con permisos de administrador abusar del controlador para modificar una dirección del kernel que puede causar un bloqueo del sistema o potencialmente conllevar a una ejecución de código en modo kernel. Un atacante ya debe haber obtenido acceso de administrador en la máquina de destino (legítimamente o mediante un ataque no relacionado separado) para explotar esta vulnerabilidad • https://jvn.jp/en/vu/JVNVU99160193/index.html https://jvn.jp/vu/JVNVU99160193 https://success.trendmicro.com/jp/solution/000260748 https://success.trendmicro.com/solution/000260713 • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Buffer overflow in Trend Micro URL Filtering Engine (TMUFE) in OfficeScan 8.0 before SP1 Patch 5 - Build 3510, possibly tmufeng.dll before 3.0.0.1029, allows attackers to cause a denial of service (crash or OfficeScan hang) via unspecified vectors. NOTE: it is likely that this issue also affects tmufeng.dll before 2.0.0.1049 for OfficeScan 10.0. Desbordamiento de búfer en Trend Micro URL Filtering Engine (TMUFE) en OfficeScan v8.0 en versiones anteriores a SP1 Patch 5 - Build 3510, posiblemente tmufeng.dll en versiones a neteriores a v3.0.0.1029, permite a atacantes producir una denegacion de servicio (caida o colgado de OfficeScan) a traves de vectores sin especificar. NOTA: Parece que esta vulnerabilidad afecta tambien a tmufeng.dll en versiones anteriores a v2.0.0.1049 para OfficeScan 10.0. • http://secunia.com/advisories/38396 http://www.securityfocus.com/bid/38083 http://www.securitytracker.com/id?1023553 http://www.trendmicro.com/ftp/documentation/readme/OSCE_80_Win_SP1_Patch_5_en_readme.txt http://www.trendmicro.com/ftp/documentation/readme/readme_1224.txt http://www.vupen.com/english/advisories/2010/0295 https://exchange.xforce.ibmcloud.com/vulnerabilities/56097 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 5

NTRtScan.exe in Trend Micro OfficeScan Client 8.0 SP1 and 8.0 SP1 Patch 1 allows local users to cause a denial of service (application crash) via directories with long pathnames. NOTE: some of these details are obtained from third party information. NTRtScan.exe en Trend Micro OfficeScan Client 8.0 SP1 y 8.0 SP1 Parche 1 permite a usuarios locales causar una denegación de servicio (cuelgue de la aplicación) a través de directorios con nombres de rutas largas. NOTA: algunos de estos detalles se obtienen a partir de información de terceros. • https://www.exploit-db.com/exploits/32939 http://es.geocities.com/jplopezy/officescan.zip http://osvdb.org/53890 http://secunia.com/advisories/34737 http://www.securityfocus.com/archive/1/502847/100/0/threaded http://www.securityfocus.com/archive/1/502860/100/0/threaded http://www.securityfocus.com/bid/34642 http://www.securitytracker.com/id?1022109 http://www.vupen.com/english/advisories/2009/1146 • CWE-399: Resource Management Errors •

CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 0

The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, relies on client-side password protection implemented in the configuration GUI, which allows local users to bypass intended access restrictions and change firewall settings by using a modified client to send crafted packets. El servicio Trend Micro Personal Firewall (también conocido como TmPfw.exe) en los módulos Trend Micro Network Security Component (NSC, utilizado en Trend Micro OfficeScan 8.0 SP1 parche 1 e Internet Security 2007 y 2008 v17.0.1224, se basa en la protección de la contraseña del lado del cliente implementada en la configuración GUI, lo que permite a usuarios locales evitar las restricciones de de acceso previstas y cambiar las configuraciones del cortafuegos utilizando un cliente modificado que envía paquetes manipulados. • http://secunia.com/advisories/31160 http://secunia.com/advisories/33609 http://secunia.com/secunia_research/2008-43 http://www.securityfocus.com/bid/33358 http://www.securitytracker.com/id?1021616 http://www.securitytracker.com/id?1021617 http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt http://www.vupen.com/english/advisories/2009/0191 https://exchange.xforce.ibmcloud.com/vulnerabilities/48108 • CWE-287: Improper Authentication •

CVSS: 10.0EPSS: 55%CPEs: 3EXPL: 0

Multiple heap-based buffer overflows in the ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allow remote attackers to execute arbitrary code via a packet with a small value in an unspecified size field. Múltiples desbordamientos de búfer basados en montículo en la función ApiThread en el servicio de cortafuegos (también conocido como TmPfw.exe) en los módulos Trend Micro Network Security Component (NSC), del modo que se usan en Trend Micro OfficeScan 8.0 SP1 Patch 1 e Internet Security 2007 y 2008 17.0.1224, permite a atacantes remotos ejecutar código de su elección mediante un paquete con un valor pequeño en un campo de tamaño no especificado. • http://secunia.com/advisories/31160 http://secunia.com/advisories/33609 http://secunia.com/secunia_research/2008-42 http://securityreason.com/securityalert/4937 http://www.securityfocus.com/archive/1/500195/100/0/threaded http://www.securityfocus.com/bid/33358 http://www.securitytracker.com/id?1021614 http://www.securitytracker.com/id?1021615 http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt http://www.vupen.com/english/advisories/2009&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •