admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Trend Micro submissions for CVE-2019-15625, 19696, 19697, and 20357

Browse Source 
Trend Micro submissions for CVE-2019-15625, 19696, 19697, and 20357
This commit is contained in:
jpattrendmicro 2020-01-17 13:27:57 -08:00
parent 71608be6c6
commit 7a8902608e
4 changed files with 261 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
2019/15xxx/CVE-2019-15625.json Normal file
View File

@ -0,0 +1,69 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2019-15625",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Password Manager",
"version" : {
"version_data" : [
{
"version_value" : "3.8.0.1103 and below"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information. "
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Memory Usage"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1123595.aspx"
},
{
"url" : "https://jvn.jp/en/jp/JVN49593434/index.html"
},
{
"url" : "https://esupport.trendmicro.com/support/pwm/solution/ja-jp/1123614.aspx"
},
{
"url" : "https://jvn.jp/jp/JVN49593434/index.html"
}
]
}
}

85
2019/19xxx/CVE-2019-19696.json
View File

@ -1,18 +1,69 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19696",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2019-19696",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Password Manager",
"version" : {
"version_data" : [
{
"version_value" : "5.0.0.1076 and below (Windows) and 5.0.1047 and below (macOS)"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishing sites. "
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "RootCA Access"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124092.aspx"
},
{
"url" : "https://jvn.jp/en/jp/JVN37183636/index.html"
},
{
"url" : "https://esupport.trendmicro.com/support/pwm/solution/ja-jp/1124091.aspx"
},
{
"url" : "https://jvn.jp/jp/JVN37183636/index.html"
}
]
}
}

79
2019/19xxx/CVE-2019-19697.json
View File

@ -1,18 +1,63 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19697",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2019-19697",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Security (Consumer)",
"version" : {
"version_data" : [
{
"version_value" : "2019 (v15)"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administrator privileges on the target machine in order to exploit the vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Arbitrary Code Execution"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124090.aspx"
},
{
"url" : "http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-SECURITY-CONSUMER-SECURITY-BYPASS-PROTECTED-SERVICE-TAMPERING.txt"
}
]
}
}

79
2019/20xxx/CVE-2019-20357.json
View File

@ -1,18 +1,63 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-20357",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2019-20357",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Security (Consumer)",
"version" : {
"version_data" : [
{
"version_value" : "2019 (v15) and 2020 (v16)"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Persistent Arbitrary Code Execution"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124099.aspx"
},
{
"url" : "http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-SECURITY-CONSUMER-PERSISTENT-ARBITRARY-CODE-EXECUTION.txt"
}
]
}
}