← Back

CVE-2018-6218

nvd nist
Published: Feb 16, 2018Modified: Nov 21, 2024

JSON object

Loading...
7.0
Vector
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.0 / Impact: 5.9
Source: NVD

Description

A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system.

Affected (8)

Trendmicro
5 products
Deep Security
Endpoint Sensor
Officescan
Security
Worry Free Business Security
Configuration A
8 vulnerable
Vulnerable SoftwareAffected Versions
Trendmicro
Deep Security
Version 10.0
Deep Security
Version 10.1
Endpoint Sensor
Version 1.6
Trendmicro
Officescan
Version 11.0
Officescan
Version 12.0
Security
Version 12.0
Trendmicro
Worry Free Business Security
Version 9.5
Worry Free Business Security
Version 9.5

Related CWEs

CWE-426
Untrusted Search Path
The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

References (8)

Source: security@trendmicro.com
Third Party AdvisoryVDB Entry
Source: security@trendmicro.com
Third Party Advisory
Source: security@trendmicro.com
Vendor Advisory
Source: security@trendmicro.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.