CVE-2018-3608

Summary

CVE	CVE-2018-3608
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2018-07-06 19:29:00 UTC
Updated	2018-08-28 16:19:00 UTC
Description	A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 (versions 12.0.1191 and below) User-Mode Hooking (UMH) driver could allow an attacker to create a specially crafted packet that could alter a vulnerable system in such a way that malicious code could be injected into other processes.

Risk And Classification

Problem Types: CWE-94

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Microsoft	Windows	-	All	All	All
Operating System	Microsoft	Windows	-	All	All	All
Application	Trendmicro	Antivirus Security	All	All	All	All
Application	Trendmicro	Antivirus Security	All	All	All	All
Application	Trendmicro	Internet Security	All	All	All	All
Application	Trendmicro	Maximum Security	All	All	All	All
Application	Trendmicro	Officescan	11.0	All	All	All
Application	Trendmicro	Officescan	12.0	All	All	All
Application	Trendmicro	Officescan	11.0	All	All	All
Application	Trendmicro	Officescan	12.0	All	All	All
Application	Trendmicro	Officescan Monthly	11.0	All	All	All
Application	Trendmicro	Officescan Monthly	12.0	All	All	All
Application	Trendmicro	Officescan Monthly	11.0	All	All	All
Application	Trendmicro	Officescan Monthly	12.0	All	All	All
Application	Trendmicro	Premium Security	All	All	All	All

References

Reference	Source	Link	Tags
Security Bulletin: Trend Micro Security (Consumer) 2018 Driver Vulnerability · Trend Micro for Home	MISC	esupport.trendmicro.com	Vendor Advisory
esupport.trendmicro.com/support/vb/solution/ja-jp/1120144.aspx	MISC	esupport.trendmicro.com	Vendor Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.