cvelistv5 - cve-2008-3866

cve-2008-3866

Vulnerability from cvelistv5

Published

2009-01-21 20:00

Modified

2024-08-07 09:53

Severity ?

Summary

References

URL	Tags
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/31160	Patch, Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/33609	Patch, Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2008-43/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/bid/33358	Patch
PSIRT-CNA@flexerasoftware.com	http://www.securitytracker.com/id?1021616
PSIRT-CNA@flexerasoftware.com	http://www.securitytracker.com/id?1021617
PSIRT-CNA@flexerasoftware.com	http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://www.vupen.com/english/advisories/2009/0191
PSIRT-CNA@flexerasoftware.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/48108
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31160	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/33609	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2008-43/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/33358	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1021616
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1021617
af854a3a-2127-422b-91ae-364da2661108	http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/0191
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/48108

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T09:53:00.489Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/secunia_research/2008-43/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt",
               },
               {
                  name: "1021616",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id?1021616",
               },
               {
                  name: "nsc-tmpfw-security-bypass(48108)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/48108",
               },
               {
                  name: "1021617",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id?1021617",
               },
               {
                  name: "33358",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/33358",
               },
               {
                  name: "ADV-2009-0191",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2009/0191",
               },
               {
                  name: "33609",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/33609",
               },
               {
                  name: "31160",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/31160",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2009-01-20T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, relies on client-side password protection implemented in the configuration GUI, which allows local users to bypass intended access restrictions and change firewall settings by using a modified client to send crafted packets.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-08-07T12:57:01",
            orgId: "44d08088-2bea-4760-83a6-1e9be26b15ab",
            shortName: "flexera",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://secunia.com/secunia_research/2008-43/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt",
            },
            {
               name: "1021616",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id?1021616",
            },
            {
               name: "nsc-tmpfw-security-bypass(48108)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/48108",
            },
            {
               name: "1021617",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id?1021617",
            },
            {
               name: "33358",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/33358",
            },
            {
               name: "ADV-2009-0191",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2009/0191",
            },
            {
               name: "33609",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/33609",
            },
            {
               name: "31160",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/31160",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "PSIRT-CNA@flexerasoftware.com",
               ID: "CVE-2008-3866",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, relies on client-side password protection implemented in the configuration GUI, which allows local users to bypass intended access restrictions and change firewall settings by using a modified client to send crafted packets.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://secunia.com/secunia_research/2008-43/",
                     refsource: "MISC",
                     url: "http://secunia.com/secunia_research/2008-43/",
                  },
                  {
                     name: "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt",
                     refsource: "MISC",
                     url: "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt",
                  },
                  {
                     name: "1021616",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id?1021616",
                  },
                  {
                     name: "nsc-tmpfw-security-bypass(48108)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/48108",
                  },
                  {
                     name: "1021617",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id?1021617",
                  },
                  {
                     name: "33358",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/33358",
                  },
                  {
                     name: "ADV-2009-0191",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2009/0191",
                  },
                  {
                     name: "33609",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/33609",
                  },
                  {
                     name: "31160",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/31160",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "44d08088-2bea-4760-83a6-1e9be26b15ab",
      assignerShortName: "flexera",
      cveId: "CVE-2008-3866",
      datePublished: "2009-01-21T20:00:00",
      dateReserved: "2008-08-29T00:00:00",
      dateUpdated: "2024-08-07T09:53:00.489Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2008-3866\",\"sourceIdentifier\":\"PSIRT-CNA@flexerasoftware.com\",\"published\":\"2009-01-21T20:30:00.233\",\"lastModified\":\"2024-11-21T00:50:18.583\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, relies on client-side password protection implemented in the configuration GUI, which allows local users to bypass intended access restrictions and change firewall settings by using a modified client to send crafted packets.\"},{\"lang\":\"es\",\"value\":\"El servicio Trend Micro Personal Firewall (también conocido como TmPfw.exe) en los módulos Trend Micro Network Security Component (NSC, utilizado en Trend Micro OfficeScan 8.0 SP1 parche 1 e Internet Security 2007 y 2008 v17.0.1224, se basa en la protección de la contraseña del lado del cliente implementada en la configuración GUI, lo que permite a usuarios locales evitar las restricciones de  de acceso previstas y cambiar las configuraciones del cortafuegos utilizando un cliente modificado que envía paquetes manipulados.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trend_micro:internet_security_2007:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C374395B-80B1-4FBA-88F6-1C155900E4DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trend_micro:internet_security_2008:17.0.1224:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F794E937-C7EC-423B-AF79-F7C214114BCF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trend_micro:officescan:8.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A220318-78FB-4D3B-968D-7B0BF3BB1969\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/31160\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/33609\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/secunia_research/2008-43/\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/33358\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securitytracker.com/id?1021616\",\"source\":\"PSIRT-CNA@flexerasoftware.com\"},{\"url\":\"http://www.securitytracker.com/id?1021617\",\"source\":\"PSIRT-CNA@flexerasoftware.com\"},{\"url\":\"http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/0191\",\"source\":\"PSIRT-CNA@flexerasoftware.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/48108\",\"source\":\"PSIRT-CNA@flexerasoftware.com\"},{\"url\":\"http://secunia.com/advisories/31160\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/33609\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/secunia_research/2008-43/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/33358\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securitytracker.com/id?1021616\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1021617\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/0191\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/48108\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
   },
}

ghsa-v2r3-54rp-h7wx

Vulnerability from github

Published

2022-05-02 00:04

Modified

2022-05-02 00:04

Details

Show details on source website

JSON

To clipboard

{
   affected: [],
   aliases: [
      "CVE-2008-3866",
   ],
   database_specific: {
      cwe_ids: [
         "CWE-287",
      ],
      github_reviewed: false,
      github_reviewed_at: null,
      nvd_published_at: "2009-01-21T20:30:00Z",
      severity: "MODERATE",
   },
   details: "The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, relies on client-side password protection implemented in the configuration GUI, which allows local users to bypass intended access restrictions and change firewall settings by using a modified client to send crafted packets.",
   id: "GHSA-v2r3-54rp-h7wx",
   modified: "2022-05-02T00:04:25Z",
   published: "2022-05-02T00:04:24Z",
   references: [
      {
         type: "ADVISORY",
         url: "https://nvd.nist.gov/vuln/detail/CVE-2008-3866",
      },
      {
         type: "WEB",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/48108",
      },
      {
         type: "WEB",
         url: "http://secunia.com/advisories/31160",
      },
      {
         type: "WEB",
         url: "http://secunia.com/advisories/33609",
      },
      {
         type: "WEB",
         url: "http://secunia.com/secunia_research/2008-43",
      },
      {
         type: "WEB",
         url: "http://www.securityfocus.com/bid/33358",
      },
      {
         type: "WEB",
         url: "http://www.securitytracker.com/id?1021616",
      },
      {
         type: "WEB",
         url: "http://www.securitytracker.com/id?1021617",
      },
      {
         type: "WEB",
         url: "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt",
      },
      {
         type: "WEB",
         url: "http://www.vupen.com/english/advisories/2009/0191",
      },
   ],
   schema_version: "1.4.0",
   severity: [],
}

The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, relies on client-side password protection implemented in the configuration GUI, which allows local users to bypass intended access restrictions and change firewall settings by using a modified client to send crafted packets. Successful exploits may allow an attacker to crash an affected application, execute arbitrary code, or bypass security. These issues affect the following: Trend Micro OfficeScan Corporate Edition 8.0 SP1 Patch 1 Trend Micro Internet Security 2008 Trend Micro Internet Security Pro 2008 Trend Micro PC-cillin Internet Security 2007. These can be exploited to cause heap-based buffer overflows via specially crafted packets containing a small value in a size field.

The vulnerabilities are confirmed in versions 16.10.1063 and 16.10.1079. Other versions may also be affected.

ORIGINAL ADVISORY: Secunia Research: http://secunia.com/secunia_research/2008-42/ http://secunia.com/secunia_research/2008-43/

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

====================================================================== 2) Severity

Rating: Less critical Impact: Security bypass Where: Local system

====================================================================== 3) Vendor's Description of Software

"Trend Micro Internet Security provides smart, up-to-date protection for your home network against present and future threats without slowing down your PC.". This can be exploited by malicious, local users to manipulate firewall settings regardless of configured security settings. the firewall settings. To prevent any user from changing the settings, password restriction can be enabled. This can be exploited to manipulate the firewall settings regardless of whether password restriction is enabled by sending specially crafted packets to the service listening on port 40000/TCP.

====================================================================== 5) Solution

Apply patch for OfficeScan 8.0 SP1 Patch 1.

====================================================================== 6) Time Table

22/10/2008 - Vendor notified. 22/10/2008 - Vendor response. 14/12/2008 - Vendor provides hotfix for testing. 19/12/2008 - Vendor informed that hotfix fixes vulnerabilities. 18/01/2009 - Vendor issues fix for OfficeScan 8.0 SP1 Patch 1. 20/01/2009 - Public disclosure.

====================================================================== 7) Credits

Discovered by Carsten Eiram, Secunia Research.

====================================================================== 8) References

The Common Vulnerabilities and Exposures (CVE) project has assigned CVE-2008-3866 for the vulnerability.

Trend Micro: http://www.trendmicro.com/ftp/documentation/readme/ OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt

====================================================================== 9) About Secunia

Secunia offers vulnerability management solutions to corporate customers with verified and reliable vulnerability intelligence relevant to their specific system configuration:

http://secunia.com/advisories/business_solutions/

Secunia also provides a publicly accessible and comprehensive advisory

database as a service to the security community and private individuals, who are interested in or concerned about IT-security.

http://secunia.com/advisories/

Secunia believes that it is important to support the community and to do active vulnerability research in order to aid improving the security and reliability of software in general:

http://secunia.com/secunia_research/

Secunia regularly hires new skilled team members. Check the URL below to see currently vacant positions:

http://secunia.com/corporate/jobs/

Secunia offers a FREE mailing list called Secunia Security Advisories:

http://secunia.com/advisories/mailing_lists/

====================================================================== 10) Verification

Please verify this advisory by visiting the Secunia website: http://secunia.com/secunia_research/2008-43/

Complete list of vulnerability reports published by Secunia Research: http://secunia.com/secunia_research/

======================================================================

Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Show details on source website

JSON

To clipboard

{
   "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
      affected_products: {
         "@id": "https://www.variotdbs.pl/ref/affected_products",
      },
      configurations: {
         "@id": "https://www.variotdbs.pl/ref/configurations",
      },
      credits: {
         "@id": "https://www.variotdbs.pl/ref/credits",
      },
      cvss: {
         "@id": "https://www.variotdbs.pl/ref/cvss/",
      },
      description: {
         "@id": "https://www.variotdbs.pl/ref/description/",
      },
      exploit_availability: {
         "@id": "https://www.variotdbs.pl/ref/exploit_availability/",
      },
      external_ids: {
         "@id": "https://www.variotdbs.pl/ref/external_ids/",
      },
      iot: {
         "@id": "https://www.variotdbs.pl/ref/iot/",
      },
      iot_taxonomy: {
         "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/",
      },
      patch: {
         "@id": "https://www.variotdbs.pl/ref/patch/",
      },
      problemtype_data: {
         "@id": "https://www.variotdbs.pl/ref/problemtype_data/",
      },
      references: {
         "@id": "https://www.variotdbs.pl/ref/references/",
      },
      sources: {
         "@id": "https://www.variotdbs.pl/ref/sources/",
      },
      sources_release_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_release_date/",
      },
      sources_update_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_update_date/",
      },
      threat_type: {
         "@id": "https://www.variotdbs.pl/ref/threat_type/",
      },
      title: {
         "@id": "https://www.variotdbs.pl/ref/title/",
      },
      type: {
         "@id": "https://www.variotdbs.pl/ref/type/",
      },
   },
   "@id": "https://www.variotdbs.pl/vuln/VAR-200901-0447",
   affected_products: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            model: "internet security 2008",
            scope: "eq",
            trust: 2.4,
            vendor: "trend micro",
            version: "17.0.1224",
         },
         {
            model: "officescan",
            scope: "eq",
            trust: 1.6,
            vendor: "trend micro",
            version: "8.0",
         },
         {
            model: "internet security 2007",
            scope: null,
            trust: 1.4,
            vendor: "trend micro",
            version: null,
         },
         {
            model: "internet security 2007",
            scope: "eq",
            trust: 1,
            vendor: "trend micro",
            version: "*",
         },
         {
            model: "officescan",
            scope: "eq",
            trust: 0.8,
            vendor: "trend micro",
            version: "8.0 sp1 patch 1",
         },
         {
            model: "pc-cillin internet security",
            scope: "eq",
            trust: 0.3,
            vendor: "trend micro",
            version: "2007",
         },
         {
            model: "officescan corporate edition sp1 patch",
            scope: "eq",
            trust: 0.3,
            vendor: "trend micro",
            version: "8.01",
         },
         {
            model: "internet security pro",
            scope: "eq",
            trust: 0.3,
            vendor: "trend micro",
            version: "2008",
         },
         {
            model: "internet security",
            scope: "eq",
            trust: 0.3,
            vendor: "trend micro",
            version: "2008",
         },
      ],
      sources: [
         {
            db: "BID",
            id: "33358",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2009-005298",
         },
         {
            db: "CNNVD",
            id: "CNNVD-200901-237",
         },
         {
            db: "NVD",
            id: "CVE-2008-3866",
         },
      ],
   },
   configurations: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/configurations#",
         children: {
            "@container": "@list",
         },
         cpe_match: {
            "@container": "@list",
         },
         data: {
            "@container": "@list",
         },
         nodes: {
            "@container": "@list",
         },
      },
      data: [
         {
            CVE_data_version: "4.0",
            nodes: [
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:trend_micro:internet_security_2007:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:trend_micro:internet_security_2008:17.0.1224:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:trend_micro:officescan:8.0:sp1:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
            ],
         },
      ],
      sources: [
         {
            db: "NVD",
            id: "CVE-2008-3866",
         },
      ],
   },
   credits: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/credits#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "Carsten Eiram",
      sources: [
         {
            db: "PACKETSTORM",
            id: "74170",
         },
         {
            db: "CNNVD",
            id: "CNNVD-200901-237",
         },
      ],
      trust: 0.7,
   },
   cve: "CVE-2008-3866",
   cvss: {
      "@context": {
         cvssV2: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2",
         },
         cvssV3: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/",
         },
         severity: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/cvss/severity#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            cvssV2: [
               {
                  acInsufInfo: null,
                  accessComplexity: "Low",
                  accessVector: "Local",
                  authentication: "None",
                  author: "NVD",
                  availabilityImpact: "Partial",
                  baseScore: 4.6,
                  confidentialityImpact: "Partial",
                  exploitabilityScore: null,
                  id: "CVE-2008-3866",
                  impactScore: null,
                  integrityImpact: "Partial",
                  obtainAllPrivilege: null,
                  obtainOtherPrivilege: null,
                  obtainUserPrivilege: null,
                  severity: "Medium",
                  trust: 1.8,
                  userInteractionRequired: null,
                  vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                  version: "2.0",
               },
            ],
            cvssV3: [],
            severity: [
               {
                  author: "NVD",
                  id: "CVE-2008-3866",
                  trust: 1.8,
                  value: "Medium",
               },
               {
                  author: "CNNVD",
                  id: "CNNVD-200901-237",
                  trust: 0.6,
                  value: "MEDIUM",
               },
            ],
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2009-005298",
         },
         {
            db: "CNNVD",
            id: "CNNVD-200901-237",
         },
         {
            db: "NVD",
            id: "CVE-2008-3866",
         },
      ],
   },
   description: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/description#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, relies on client-side password protection implemented in the configuration GUI, which allows local users to bypass intended access restrictions and change firewall settings by using a modified client to send crafted packets. \nSuccessful exploits may allow an attacker to crash an affected application, execute arbitrary code, or bypass security. \nThese issues affect the following:\nTrend Micro OfficeScan Corporate Edition 8.0 SP1 Patch 1\nTrend Micro Internet Security 2008\nTrend Micro Internet Security Pro 2008\nTrend Micro PC-cillin Internet Security 2007. These can be\nexploited to cause heap-based buffer overflows via specially crafted\npackets containing a small value in a size field. \n\nThe vulnerabilities are confirmed in versions 16.10.1063 and\n16.10.1079. Other versions may also be affected. \n\nORIGINAL ADVISORY:\nSecunia Research:\nhttp://secunia.com/secunia_research/2008-42/\nhttp://secunia.com/secunia_research/2008-43/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\n====================================================================== \n2) Severity \n\nRating: Less critical\nImpact: Security bypass\nWhere:  Local system\n\n====================================================================== \n3) Vendor's Description of Software \n\n\"Trend Micro Internet Security provides smart, up-to-date protection\nfor your home network against present and future threats without\nslowing down your PC.\". \nThis can be exploited by malicious, local users to manipulate firewall\nsettings regardless of configured security settings. the firewall settings. To prevent any user \nfrom changing the settings, password restriction can be enabled. \nThis can be exploited to manipulate the firewall settings regardless \nof whether password restriction is enabled by sending specially \ncrafted packets to the service listening on port 40000/TCP. \n\n====================================================================== \n5) Solution \n\nApply patch for OfficeScan 8.0 SP1 Patch 1. \n\n====================================================================== \n6) Time Table \n\n22/10/2008 - Vendor notified. \n22/10/2008 - Vendor response. \n14/12/2008 - Vendor provides hotfix for testing. \n19/12/2008 - Vendor informed that hotfix fixes vulnerabilities. \n18/01/2009 - Vendor issues fix for OfficeScan 8.0 SP1 Patch 1. \n20/01/2009 - Public disclosure. \n\n====================================================================== \n7) Credits \n\nDiscovered by Carsten Eiram, Secunia Research. \n\n====================================================================== \n8) References\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned \nCVE-2008-3866 for the vulnerability. \n\nTrend Micro:\nhttp://www.trendmicro.com/ftp/documentation/readme/\nOSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt\n\n====================================================================== \n9) About Secunia\n\nSecunia offers vulnerability management solutions to corporate\ncustomers with verified and reliable vulnerability intelligence\nrelevant to their specific system configuration:\n\nhttp://secunia.com/advisories/business_solutions/\n\nSecunia also provides a publicly accessible and comprehensive advisory\n\n\ndatabase as a service to the security community and private \nindividuals, who are interested in or concerned about IT-security. \n\nhttp://secunia.com/advisories/\n\nSecunia believes that it is important to support the community and to\ndo active vulnerability research in order to aid improving the \nsecurity and reliability of software in general:\n\nhttp://secunia.com/secunia_research/\n\nSecunia regularly hires new skilled team members. Check the URL below\nto see currently vacant positions:\n\nhttp://secunia.com/corporate/jobs/\n\nSecunia offers a FREE mailing list called Secunia Security Advisories:\n\nhttp://secunia.com/advisories/mailing_lists/\n\n====================================================================== \n10) Verification \n\nPlease verify this advisory by visiting the Secunia website:\nhttp://secunia.com/secunia_research/2008-43/\n\nComplete list of vulnerability reports published by Secunia Research:\nhttp://secunia.com/secunia_research/\n\n======================================================================\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
      sources: [
         {
            db: "NVD",
            id: "CVE-2008-3866",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2009-005298",
         },
         {
            db: "BID",
            id: "33358",
         },
         {
            db: "PACKETSTORM",
            id: "74111",
         },
         {
            db: "PACKETSTORM",
            id: "74109",
         },
         {
            db: "PACKETSTORM",
            id: "74170",
         },
      ],
      trust: 2.16,
   },
   external_ids: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            db: "NVD",
            id: "CVE-2008-3866",
            trust: 2.8,
         },
         {
            db: "BID",
            id: "33358",
            trust: 1.9,
         },
         {
            db: "SECUNIA",
            id: "31160",
            trust: 1.7,
         },
         {
            db: "SECUNIA",
            id: "33609",
            trust: 1.7,
         },
         {
            db: "SECTRACK",
            id: "1021616",
            trust: 1.6,
         },
         {
            db: "SECTRACK",
            id: "1021617",
            trust: 1.6,
         },
         {
            db: "VUPEN",
            id: "ADV-2009-0191",
            trust: 1.6,
         },
         {
            db: "JVNDB",
            id: "JVNDB-2009-005298",
            trust: 0.8,
         },
         {
            db: "XF",
            id: "48108",
            trust: 0.6,
         },
         {
            db: "CNNVD",
            id: "CNNVD-200901-237",
            trust: 0.6,
         },
         {
            db: "PACKETSTORM",
            id: "74111",
            trust: 0.1,
         },
         {
            db: "PACKETSTORM",
            id: "74109",
            trust: 0.1,
         },
         {
            db: "PACKETSTORM",
            id: "74170",
            trust: 0.1,
         },
      ],
      sources: [
         {
            db: "BID",
            id: "33358",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2009-005298",
         },
         {
            db: "PACKETSTORM",
            id: "74111",
         },
         {
            db: "PACKETSTORM",
            id: "74109",
         },
         {
            db: "PACKETSTORM",
            id: "74170",
         },
         {
            db: "CNNVD",
            id: "CNNVD-200901-237",
         },
         {
            db: "NVD",
            id: "CVE-2008-3866",
         },
      ],
   },
   id: "VAR-200901-0447",
   iot: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/iot#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: true,
      sources: [
         {
            db: "VARIoT devices database",
            id: null,
         },
      ],
      trust: 1,
   },
   last_update_date: "2022-05-04T09:31:05.074000Z",
   patch: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/patch#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            title: "Critical Patch - Server Build 3191 and NSC module Build 1045",
            trust: 0.8,
            url: "http://www.trendmicro.com/ftp/documentation/readme/osce8.0_sp1_patch1_criticalpatch_3191_readme.txt",
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2009-005298",
         },
      ],
   },
   problemtype_data: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            problemtype: "CWE-287",
            trust: 1.8,
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2009-005298",
         },
         {
            db: "NVD",
            id: "CVE-2008-3866",
         },
      ],
   },
   references: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/references#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            trust: 2.2,
            url: "http://secunia.com/secunia_research/2008-43/",
         },
         {
            trust: 2,
            url: "http://www.trendmicro.com/ftp/documentation/readme/osce8.0_sp1_patch1_criticalpatch_3191_readme.txt",
         },
         {
            trust: 1.6,
            url: "http://www.securityfocus.com/bid/33358",
         },
         {
            trust: 1.6,
            url: "http://secunia.com/advisories/33609",
         },
         {
            trust: 1.6,
            url: "http://secunia.com/advisories/31160",
         },
         {
            trust: 1.6,
            url: "http://www.securitytracker.com/id?1021617",
         },
         {
            trust: 1.6,
            url: "http://www.securitytracker.com/id?1021616",
         },
         {
            trust: 1,
            url: "http://www.vupen.com/english/advisories/2009/0191",
         },
         {
            trust: 1,
            url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/48108",
         },
         {
            trust: 0.8,
            url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3866",
         },
         {
            trust: 0.8,
            url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3866",
         },
         {
            trust: 0.6,
            url: "http://xforce.iss.net/xforce/xfdb/48108",
         },
         {
            trust: 0.6,
            url: "http://www.frsirt.com/english/advisories/2009/0191",
         },
         {
            trust: 0.5,
            url: "http://secunia.com/secunia_research/2008-42/",
         },
         {
            trust: 0.3,
            url: "http://uk.trendmicro-europe.com/enterprise/products/groups.php?prodgroup=3&family=5",
         },
         {
            trust: 0.3,
            url: "/archive/1/500195",
         },
         {
            trust: 0.3,
            url: "http://secunia.com/advisories/business_solutions/",
         },
         {
            trust: 0.2,
            url: "http://secunia.com/advisories/secunia_security_advisories/",
         },
         {
            trust: 0.2,
            url: "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org",
         },
         {
            trust: 0.2,
            url: "http://secunia.com/advisories/about_secunia_advisories/",
         },
         {
            trust: 0.1,
            url: "http://secunia.com/advisories/product/16916/",
         },
         {
            trust: 0.1,
            url: "http://secunia.com/advisories/product/16915/",
         },
         {
            trust: 0.1,
            url: "http://secunia.com/advisories/product/13436/",
         },
         {
            trust: 0.1,
            url: "http://secunia.com/advisories/31160/",
         },
         {
            trust: 0.1,
            url: "http://secunia.com/advisories/product/14630/",
         },
         {
            trust: 0.1,
            url: "http://www.trendmicro.com/ftp/products/patches/osce_8.0_sp1_patch1_win_en_criticalpatch_b3191.exe",
         },
         {
            trust: 0.1,
            url: "http://secunia.com/advisories/33609/",
         },
         {
            trust: 0.1,
            url: "http://www.trendmicro.com/ftp/documentation/readme/",
         },
         {
            trust: 0.1,
            url: "http://secunia.com/secunia_research/",
         },
         {
            trust: 0.1,
            url: "http://secunia.com/corporate/jobs/",
         },
         {
            trust: 0.1,
            url: "http://secunia.com/advisories/mailing_lists/",
         },
         {
            trust: 0.1,
            url: "http://secunia.com/advisories/",
         },
         {
            trust: 0.1,
            url: "http://secunia.com/",
         },
         {
            trust: 0.1,
            url: "http://us.trendmicro.com/us/products/personal/internet-security/",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2008-3866",
         },
         {
            trust: 0.1,
            url: "http://lists.grok.org.uk/full-disclosure-charter.html",
         },
      ],
      sources: [
         {
            db: "BID",
            id: "33358",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2009-005298",
         },
         {
            db: "PACKETSTORM",
            id: "74111",
         },
         {
            db: "PACKETSTORM",
            id: "74109",
         },
         {
            db: "PACKETSTORM",
            id: "74170",
         },
         {
            db: "CNNVD",
            id: "CNNVD-200901-237",
         },
         {
            db: "NVD",
            id: "CVE-2008-3866",
         },
      ],
   },
   sources: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            db: "BID",
            id: "33358",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2009-005298",
         },
         {
            db: "PACKETSTORM",
            id: "74111",
         },
         {
            db: "PACKETSTORM",
            id: "74109",
         },
         {
            db: "PACKETSTORM",
            id: "74170",
         },
         {
            db: "CNNVD",
            id: "CNNVD-200901-237",
         },
         {
            db: "NVD",
            id: "CVE-2008-3866",
         },
      ],
   },
   sources_release_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2009-01-20T00:00:00",
            db: "BID",
            id: "33358",
         },
         {
            date: "2012-12-20T00:00:00",
            db: "JVNDB",
            id: "JVNDB-2009-005298",
         },
         {
            date: "2009-01-20T15:48:37",
            db: "PACKETSTORM",
            id: "74111",
         },
         {
            date: "2009-01-20T15:48:31",
            db: "PACKETSTORM",
            id: "74109",
         },
         {
            date: "2009-01-21T02:20:38",
            db: "PACKETSTORM",
            id: "74170",
         },
         {
            date: "2009-01-21T00:00:00",
            db: "CNNVD",
            id: "CNNVD-200901-237",
         },
         {
            date: "2009-01-21T20:30:00",
            db: "NVD",
            id: "CVE-2008-3866",
         },
      ],
   },
   sources_update_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2009-02-06T16:18:00",
            db: "BID",
            id: "33358",
         },
         {
            date: "2012-12-20T00:00:00",
            db: "JVNDB",
            id: "JVNDB-2009-005298",
         },
         {
            date: "2009-02-05T00:00:00",
            db: "CNNVD",
            id: "CNNVD-200901-237",
         },
         {
            date: "2017-08-08T01:32:00",
            db: "NVD",
            id: "CVE-2008-3866",
         },
      ],
   },
   threat_type: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "local",
      sources: [
         {
            db: "PACKETSTORM",
            id: "74111",
         },
         {
            db: "PACKETSTORM",
            id: "74109",
         },
         {
            db: "PACKETSTORM",
            id: "74170",
         },
         {
            db: "CNNVD",
            id: "CNNVD-200901-237",
         },
      ],
      trust: 0.9,
   },
   title: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/title#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "Trend Micro NSC Module  Trend Micro Personal Firewall Vulnerabilities that prevent access restrictions on services",
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2009-005298",
         },
      ],
      trust: 0.8,
   },
   type: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/type#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "authorization issue",
      sources: [
         {
            db: "CNNVD",
            id: "CNNVD-200901-237",
         },
      ],
      trust: 0.6,
   },
}

gsd-2008-3866

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

Aliases

CVE-2008-3866

Aliases

CVE-2008-3866

JSON

To clipboard

{
   GSD: {
      alias: "CVE-2008-3866",
      description: "The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, relies on client-side password protection implemented in the configuration GUI, which allows local users to bypass intended access restrictions and change firewall settings by using a modified client to send crafted packets.",
      id: "GSD-2008-3866",
   },
   gsd: {
      metadata: {
         exploitCode: "unknown",
         remediation: "unknown",
         reportConfidence: "confirmed",
         type: "vulnerability",
      },
      osvSchema: {
         aliases: [
            "CVE-2008-3866",
         ],
         details: "The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, relies on client-side password protection implemented in the configuration GUI, which allows local users to bypass intended access restrictions and change firewall settings by using a modified client to send crafted packets.",
         id: "GSD-2008-3866",
         modified: "2023-12-13T01:23:05.256210Z",
         schema_version: "1.4.0",
      },
   },
   namespaces: {
      "cve.org": {
         CVE_data_meta: {
            ASSIGNER: "PSIRT-CNA@flexerasoftware.com",
            ID: "CVE-2008-3866",
            STATE: "PUBLIC",
         },
         affects: {
            vendor: {
               vendor_data: [
                  {
                     product: {
                        product_data: [
                           {
                              product_name: "n/a",
                              version: {
                                 version_data: [
                                    {
                                       version_value: "n/a",
                                    },
                                 ],
                              },
                           },
                        ],
                     },
                     vendor_name: "n/a",
                  },
               ],
            },
         },
         data_format: "MITRE",
         data_type: "CVE",
         data_version: "4.0",
         description: {
            description_data: [
               {
                  lang: "eng",
                  value: "The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, relies on client-side password protection implemented in the configuration GUI, which allows local users to bypass intended access restrictions and change firewall settings by using a modified client to send crafted packets.",
               },
            ],
         },
         problemtype: {
            problemtype_data: [
               {
                  description: [
                     {
                        lang: "eng",
                        value: "n/a",
                     },
                  ],
               },
            ],
         },
         references: {
            reference_data: [
               {
                  name: "http://secunia.com/secunia_research/2008-43/",
                  refsource: "MISC",
                  url: "http://secunia.com/secunia_research/2008-43/",
               },
               {
                  name: "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt",
                  refsource: "MISC",
                  url: "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt",
               },
               {
                  name: "1021616",
                  refsource: "SECTRACK",
                  url: "http://www.securitytracker.com/id?1021616",
               },
               {
                  name: "nsc-tmpfw-security-bypass(48108)",
                  refsource: "XF",
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/48108",
               },
               {
                  name: "1021617",
                  refsource: "SECTRACK",
                  url: "http://www.securitytracker.com/id?1021617",
               },
               {
                  name: "33358",
                  refsource: "BID",
                  url: "http://www.securityfocus.com/bid/33358",
               },
               {
                  name: "ADV-2009-0191",
                  refsource: "VUPEN",
                  url: "http://www.vupen.com/english/advisories/2009/0191",
               },
               {
                  name: "33609",
                  refsource: "SECUNIA",
                  url: "http://secunia.com/advisories/33609",
               },
               {
                  name: "31160",
                  refsource: "SECUNIA",
                  url: "http://secunia.com/advisories/31160",
               },
            ],
         },
      },
      "nvd.nist.gov": {
         configurations: {
            CVE_data_version: "4.0",
            nodes: [
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:trend_micro:internet_security_2007:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:trend_micro:internet_security_2008:17.0.1224:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:trend_micro:officescan:8.0:sp1:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
            ],
         },
         cve: {
            CVE_data_meta: {
               ASSIGNER: "PSIRT-CNA@flexerasoftware.com",
               ID: "CVE-2008-3866",
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "en",
                     value: "The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, relies on client-side password protection implemented in the configuration GUI, which allows local users to bypass intended access restrictions and change firewall settings by using a modified client to send crafted packets.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "en",
                           value: "CWE-287",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "33358",
                     refsource: "BID",
                     tags: [
                        "Patch",
                     ],
                     url: "http://www.securityfocus.com/bid/33358",
                  },
                  {
                     name: "http://secunia.com/secunia_research/2008-43/",
                     refsource: "MISC",
                     tags: [
                        "Vendor Advisory",
                     ],
                     url: "http://secunia.com/secunia_research/2008-43/",
                  },
                  {
                     name: "33609",
                     refsource: "SECUNIA",
                     tags: [
                        "Patch",
                        "Vendor Advisory",
                     ],
                     url: "http://secunia.com/advisories/33609",
                  },
                  {
                     name: "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt",
                     refsource: "MISC",
                     tags: [
                        "Vendor Advisory",
                     ],
                     url: "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt",
                  },
                  {
                     name: "31160",
                     refsource: "SECUNIA",
                     tags: [
                        "Patch",
                        "Vendor Advisory",
                     ],
                     url: "http://secunia.com/advisories/31160",
                  },
                  {
                     name: "1021617",
                     refsource: "SECTRACK",
                     tags: [],
                     url: "http://www.securitytracker.com/id?1021617",
                  },
                  {
                     name: "1021616",
                     refsource: "SECTRACK",
                     tags: [],
                     url: "http://www.securitytracker.com/id?1021616",
                  },
                  {
                     name: "ADV-2009-0191",
                     refsource: "VUPEN",
                     tags: [],
                     url: "http://www.vupen.com/english/advisories/2009/0191",
                  },
                  {
                     name: "nsc-tmpfw-security-bypass(48108)",
                     refsource: "XF",
                     tags: [],
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/48108",
                  },
               ],
            },
         },
         impact: {
            baseMetricV2: {
               cvssV2: {
                  accessComplexity: "LOW",
                  accessVector: "LOCAL",
                  authentication: "NONE",
                  availabilityImpact: "PARTIAL",
                  baseScore: 4.6,
                  confidentialityImpact: "PARTIAL",
                  integrityImpact: "PARTIAL",
                  vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                  version: "2.0",
               },
               exploitabilityScore: 3.9,
               impactScore: 6.4,
               obtainAllPrivilege: false,
               obtainOtherPrivilege: true,
               obtainUserPrivilege: false,
               severity: "MEDIUM",
               userInteractionRequired: false,
            },
         },
         lastModifiedDate: "2017-08-08T01:32Z",
         publishedDate: "2009-01-21T20:30Z",
      },
   },
}

fkie_cve-2008-3866

Vulnerability from fkie_nvd

Published

2009-01-21 20:30

Modified

2024-11-21 00:50

Severity ?

Summary

References

URL	Tags
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/31160	Patch, Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/33609	Patch, Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2008-43/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/bid/33358	Patch
PSIRT-CNA@flexerasoftware.com	http://www.securitytracker.com/id?1021616
PSIRT-CNA@flexerasoftware.com	http://www.securitytracker.com/id?1021617
PSIRT-CNA@flexerasoftware.com	http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://www.vupen.com/english/advisories/2009/0191
PSIRT-CNA@flexerasoftware.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/48108
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31160	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/33609	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2008-43/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/33358	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1021616
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1021617
af854a3a-2127-422b-91ae-364da2661108	http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/0191
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/48108

Impacted products

Vendor	Product	Version
trend_micro	internet_security_2007	*
trend_micro	internet_security_2008	17.0.1224
trend_micro	officescan	8.0

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:trend_micro:internet_security_2007:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C374395B-80B1-4FBA-88F6-1C155900E4DB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:trend_micro:internet_security_2008:17.0.1224:*:*:*:*:*:*:*",
                     matchCriteriaId: "F794E937-C7EC-423B-AF79-F7C214114BCF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:trend_micro:officescan:8.0:sp1:*:*:*:*:*:*",
                     matchCriteriaId: "9A220318-78FB-4D3B-968D-7B0BF3BB1969",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, relies on client-side password protection implemented in the configuration GUI, which allows local users to bypass intended access restrictions and change firewall settings by using a modified client to send crafted packets.",
      },
      {
         lang: "es",
         value: "El servicio Trend Micro Personal Firewall (también conocido como TmPfw.exe) en los módulos Trend Micro Network Security Component (NSC, utilizado en Trend Micro OfficeScan 8.0 SP1 parche 1 e Internet Security 2007 y 2008 v17.0.1224, se basa en la protección de la contraseña del lado del cliente implementada en la configuración GUI, lo que permite a usuarios locales evitar las restricciones de  de acceso previstas y cambiar las configuraciones del cortafuegos utilizando un cliente modificado que envía paquetes manipulados.",
      },
   ],
   id: "CVE-2008-3866",
   lastModified: "2024-11-21T00:50:18.583",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.6,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: true,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2009-01-21T20:30:00.233",
   references: [
      {
         source: "PSIRT-CNA@flexerasoftware.com",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/31160",
      },
      {
         source: "PSIRT-CNA@flexerasoftware.com",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/33609",
      },
      {
         source: "PSIRT-CNA@flexerasoftware.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/secunia_research/2008-43/",
      },
      {
         source: "PSIRT-CNA@flexerasoftware.com",
         tags: [
            "Patch",
         ],
         url: "http://www.securityfocus.com/bid/33358",
      },
      {
         source: "PSIRT-CNA@flexerasoftware.com",
         url: "http://www.securitytracker.com/id?1021616",
      },
      {
         source: "PSIRT-CNA@flexerasoftware.com",
         url: "http://www.securitytracker.com/id?1021617",
      },
      {
         source: "PSIRT-CNA@flexerasoftware.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt",
      },
      {
         source: "PSIRT-CNA@flexerasoftware.com",
         url: "http://www.vupen.com/english/advisories/2009/0191",
      },
      {
         source: "PSIRT-CNA@flexerasoftware.com",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/48108",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/31160",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/33609",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/secunia_research/2008-43/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
         ],
         url: "http://www.securityfocus.com/bid/33358",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securitytracker.com/id?1021616",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securitytracker.com/id?1021617",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.trendmicro.com/ftp/documentation/readme/OSCE8.0_SP1_Patch1_CriticalPatch_3191_Readme.txt",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.vupen.com/english/advisories/2009/0191",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/48108",
      },
   ],
   sourceIdentifier: "PSIRT-CNA@flexerasoftware.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-287",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2008-3866

Vulnerability from cvelistv5

ghsa-v2r3-54rp-h7wx

Vulnerability from github

var-200901-0447

Vulnerability from variot

gsd-2008-3866

Vulnerability from gsd

fkie_cve-2008-3866

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature