CVE-2019-18190

{"id": "CVE-2019-18190", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2019-12-09T19:15:14.570", "references": [{"url": "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124031.aspx", "tags": ["Vendor Advisory"], "source": "security@trendmicro.com"}, {"url": "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124031.aspx", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "Trend Micro Security (Consumer) 2020 (v16.x) is affected by a vulnerability in where null pointer dereference errors result in the crash of application, which could potentially lead to possible unsigned code execution under certain circumstances."}, {"lang": "es", "value": "Trend Micro Security (Consumer) 2020 (versi\u00f3n v16.x), est\u00e1 afectado por una vulnerabilidad en donde los errores de desreferencia del puntero null resultan en el bloqueo de la aplicaci\u00f3n, lo que podr\u00eda conllevar a la potencial ejecuci\u00f3n de c\u00f3digo sin firmar bajo determinadas circunstancias."}], "lastModified": "2024-11-21T04:32:47.740", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:trendmicro:antivirus\\+_security_2020:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "087C5695-B486-4B7E-BC02-77E7655D3AF8", "versionEndExcluding": "16.0.1227", "versionStartIncluding": "16.0"}, {"criteria": "cpe:2.3:a:trendmicro:internet_security_2020:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C37D89D6-F4C7-4CD1-AA6B-D909AB2DC199", "versionEndExcluding": "16.0.1227", "versionStartIncluding": "16.0"}, {"criteria": "cpe:2.3:a:trendmicro:maximum_security_2020:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4414976D-518F-44A7-89F5-6C0161FF9CCD", "versionEndExcluding": "16.0.1227", "versionStartIncluding": "16.0"}, {"criteria": "cpe:2.3:a:trendmicro:premium_security_2020:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FB86832-12B6-4ABF-9C27-1E6733B7D6DF", "versionEndExcluding": "16.0.1227", "versionStartIncluding": "16.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "security@trendmicro.com"}