Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

1 vulnerability found for Deep Discovery by Trend Micro, Inc.

JVNDB-2017-004607

Vulnerability from jvndb - Published: 2018-01-31 13:43 - Updated:2018-01-31 13:43
Severity ?
9.8 (Critical) - cvssV3_0 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Deep Discovery Email Inspector vulnerable to arbitrary code execution
Details
Deep Discovery Email Inspector provided by Trend Micro Incorporated contains an arbitrary code execution vulnerability due to an issue in uploading files. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.
References
Impacted products
Show details on JVN DB website
To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-004607.html",
  "dc:date": "2018-01-31T13:43+09:00",
  "dcterms:issued": "2018-01-31T13:43+09:00",
  "dcterms:modified": "2018-01-31T13:43+09:00",
  "description": "Deep Discovery Email Inspector provided by Trend Micro Incorporated contains an arbitrary code execution vulnerability due to an issue in uploading files.\r\n\r\nTrend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-004607.html",
  "sec:cpe": {
    "#text": "cpe:/a:trendmicro:deep_discovery",
    "@product": "Deep Discovery",
    "@vendor": "Trend Micro, Inc.",
    "@version": "2.2"
  },
  "sec:cvss": [
    {
      "@score": "10.0",
      "@severity": "High",
      "@type": "Base",
      "@vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
      "@version": "2.0"
    },
    {
      "@score": "9.8",
      "@severity": "Critical",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2017-004607",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/vu/JVNVU95587881/",
      "@id": "JVNVU#95587881",
      "@source": "JVN"
    },
    {
      "#text": "http://zerodayinitiative.com/advisories/ZDI-17-283/",
      "@id": "ZDI-17-283",
      "@source": "Related document"
    },
    {
      "#text": "http://www.zerodayinitiative.com/advisories/published/",
      "@id": "Zero Day Initiative",
      "@source": "Related document"
    }
  ],
  "title": "Deep Discovery Email Inspector vulnerable to arbitrary code execution"
}