CVE-2019-14687

A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an attacker to load an…

trendmicro·CWE-427·Published 2019-08-20

CVSS

—

EPSS

0.02

KEV

Exploits

cve.orgen

256 chars

A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an attacker to load an arbitrary unsigned DLL into the signed service's process. This process is very similar, yet not identical to CVE-2019-14684.

NVDen

256 chars

NVDes

270 chars

Existe una vulnerabilidad de secuestro de DLL en Trend Micro Password Manager 5.0 en el que, si se explota, permitiría a un atacante cargar una DLL arbitraria sin firmar en el proceso del servicio firmado. Este proceso es muy similar, pero no idéntico al CVE-2019-14684.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P
3.0	Primary	NVD	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H