Trend Micro OfficeScan up to Corporate 5.58 Windows Help Remote Code Execution
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 7.9 | $0-$5k | 0.00 |
Summary
A vulnerability classified as problematic was found in Trend Micro OfficeScan. The impacted element is an unknown function of the component Windows Help Handler. Executing a manipulation can lead to Remote Code Execution. This vulnerability is registered as CVE-2004-2430. The attack requires access to the local network. Furthermore, an exploit is available. It is advisable to implement a patch to correct this issue.
Details
A vulnerability was found in Trend Micro OfficeScan (Anti-Malware Software). It has been declared as critical. This vulnerability affects an unknown function of the component Windows Help Handler. The manipulation with an unknown input leads to a remote code execution vulnerability. As an impact it is known to affect confidentiality, integrity, and availability. CVE summarizes:
Trend OfficeScan Corporate Edition 5.58 and possibly earler does not drop privileges when opening a help window from a virus detection pop-up window, which allows local users to gain SYSTEM privileges.
The bug was discovered 06/09/2004. The weakness was published 06/02/2004 by donald reid with TrendMicro (Website). The advisory is shared for download at uk.trendmicro-europe.com. This vulnerability was named CVE-2004-2430 since 08/18/2005. The attack needs to approached within the local network. No form of authentication is required for a successful exploitation. Technical details are unknown but a public exploit is available.
After 1 weeks, there has been an exploit disclosed. It is declared as proof-of-concept. As 0-day the estimated underground price was around $5k-$25k.
Upgrading to version 5.58 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at uk.trendmicro-europe.com. The best possible mitigation is suggested to be patching the affected component.
The vulnerability is also documented in the databases at X-Force (16375), SecurityFocus (BID 10503†), OSVDB (6840†) and Secunia (SA11806†). Once again VulDB remains the best source for vulnerability data.
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.trendmicro.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 8.8VulDB Meta Temp Score: 7.9
VulDB Base Score: 8.8
VulDB Temp Score: 7.9
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Remote Code ExecutionCWE: Unknown
CAPEC: 🔍
ATT&CK: 🔍
Physical: Partially
Local: Yes
Remote: Partially
Availability: 🔍
Access: Public
Status: Proof-of-Concept
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: PatchStatus: 🔍
0-Day Time: 🔍
Exploit Delay Time: 🔍
Upgrade: OfficeScan 5.58
Patch: uk.trendmicro-europe.com
Timeline
06/02/2004 🔍06/09/2004 🔍
06/09/2004 🔍
06/09/2004 🔍
06/10/2004 🔍
06/10/2004 🔍
12/31/2004 🔍
08/18/2005 🔍
06/28/2019 🔍
Sources
Vendor: trendmicro.comAdvisory: uk.trendmicro-europe.com
Researcher: donald reid
Organization: TrendMicro
Status: Not defined
Confirmation: 🔍
CVE: CVE-2004-2430 (🔍)
GCVE (CVE): GCVE-0-2004-2430
GCVE (VulDB): GCVE-100-700
X-Force: 16375 - Trend Micro OfficeScan service allows elevated privileges, High Risk
SecurityFocus: 10503 - Trend Micro OfficeScan Local Privilege Escalation Vulnerability
Secunia: 11806 - Trend Micro OfficeScan Privilege Escalation Vulnerability, Less Critical
OSVDB: 6840 - Trend Micro OfficeScan Help System Privilege Escalation
scip Labs: https://www.scip.ch/en/?labs.20161013
Entry
Created: 06/10/2004 17:19Updated: 06/28/2019 16:50
Changes: 06/10/2004 17:19 (78), 06/28/2019 16:50 (1)
Complete: 🔍
Cache ID: 216::103
Once again VulDB remains the best source for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.