7
CVE-2018-6218
- EPSS 0.36%
- Veröffentlicht 16.02.2018 22:29:00
- Zuletzt bearbeitet 21.11.2024 04:10:19
- Quelle security@trendmicro.com
- Teams Watchlist Login
- Unerledigt Login
A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Trendmicro ≫ Deep Security Version10.0
Trendmicro ≫ Deep Security Version10.1
Trendmicro ≫ Endpoint Sensor Version1.6
Trendmicro ≫ Officescan Version11.0
Trendmicro ≫ Officescan Version12.0
Trendmicro ≫ Security Version12.0
Trendmicro ≫ Worry-free Business Security Version9.5 SwEditionadvanced
Trendmicro ≫ Worry-free Business Security Version9.5 SwEditionstandard
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.36% | 0.55 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7 | 1 | 5.9 |
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 5.1 | 4.9 | 6.4 |
AV:N/AC:H/Au:N/C:P/I:P/A:P
|
CWE-426 Untrusted Search Path
The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.