ID

VAR-201304-0023


CVE

CVE-2012-3022


TITLE

Arbitrary program execution vulnerability in TrendLink ActiveX control

Trust: 0.8

sources: JVNDB: JVNDB-2013-002240

DESCRIPTION

The SaveToFile method in a certain ActiveX control in TrendDisplay.dll in Canary Labs TrendLink 9.0.2.27051 and earlier does not properly restrict the creation of files, which allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a crafted web site. TrendLink provided by Canary Labs is a tool to help visualize data for analysis. The SaveToFile method provided in the ActiveX control in TrendLink contains a vulnerability where file creation is not properly restricted. Kuang-Chun Hung of the Security Research and Service Institute - Information and Communication Security Technology Center (ICST), Taiwan R.O.C., reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer under the Information Security Early Warning Partnership. A remote attacker may create an arbitrary file on the system and, as a result, arbitrary code may be executed. Canary Labs Trend Link is prone to a vulnerability caused by an insecure method. Attackers can exploit this issue to overwrite arbitrary files in the context of the application (typically Internet Explorer) that is using the ActiveX control, which may aid in remote code execution or cause denial-of-service conditions. Canary Labs Trend Link 9.0.2.27051 and prior versions are vulnerable. An attacker could exploit this vulnerability to write arbitrary content to arbitrary files.

Trust: 1.98

sources: NVD: CVE-2012-3022 // JVNDB: JVNDB-2013-002240 // BID: 58944 // VULHUB: VHN-56303

AFFECTED PRODUCTS

vendor: canarylabs, model: trendlink, scope: lte, version: 9.0.2.27051

Trust: 1.0

vendor: canary, model: trendlink, scope: lte, version: 9.0.2.27051

Trust: 0.8

vendor: canarylabs, model: trendlink, scope: eq, version: 9.0.2.27051

Trust: 0.6

vendor: canary, model: labs trend link, scope: eq, version: 9.0.2.27051

Trust: 0.3

sources: BID: 58944 // JVNDB: JVNDB-2013-002240 // CNNVD: CNNVD-201304-144 // NVD: CVE-2012-3022

CVSS

SEVERITY

nvd@nist.gov: CVE-2012-3022
value: HIGH

Trust: 1.0

NVD: CVE-2012-3022
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201304-144
value: HIGH

Trust: 0.6

VULHUB: VHN-56303
value: HIGH

Trust: 0.1

CVSSV2

nvd@nist.gov: CVE-2012-3022
severity: HIGH
baseScore: 8.5
vectorString: AV:N/AC:M/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.8
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-56303
severity: HIGH
baseScore: 8.5
vectorString: AV:N/AC:M/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.8
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-56303 // JVNDB: JVNDB-2013-002240 // CNNVD: CNNVD-201304-144 // NVD: CVE-2012-3022

PROBLEMTYPE DATA

problemtype: CWE-264

Trust: 1.9

sources: VULHUB: VHN-56303 // JVNDB: JVNDB-2013-002240 // NVD: CVE-2012-3022

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201304-144

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201304-144

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-002240

PATCH

title: TrendLink, url: http://www.canarylabs.com/software/canary-trend-link

Trust: 0.8

sources: JVNDB: JVNDB-2013-002240

EXTERNAL IDS

db: NVD, id: CVE-2012-3022

Trust: 2.8

db: ICS CERT, id: ICSA-13-098-01

Trust: 2.8

db: JVN, id: JVN30281958

Trust: 0.8

db: JVNDB, id: JVNDB-2013-002240

Trust: 0.8

db: CNNVD, id: CNNVD-201304-144

Trust: 0.7

db: SECUNIA, id: 52939

Trust: 0.6

db: BID, id: 58944

Trust: 0.4

db: VULHUB, id: VHN-56303

Trust: 0.1

sources: VULHUB: VHN-56303 // BID: 58944 // JVNDB: JVNDB-2013-002240 // CNNVD: CNNVD-201304-144 // NVD: CVE-2012-3022

REFERENCES

url: http://ics-cert.us-cert.gov/pdf/icsa-13-098-01.pdf

Trust: 2.0

url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3022

Trust: 0.8

url: http://ics-cert.us-cert.gov/advisories/icsa-13-098-01

Trust: 0.8

url: http://jvn.jp/en/jp/jvn30281958/index.html

Trust: 0.8

url: http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3022

Trust: 0.8

url: http://secunia.com/advisories/52939

Trust: 0.6

url: http://support.microsoft.com/kb/240797

Trust: 0.3

url: http://www.canarylabs.com/software/canary-trend-link

Trust: 0.3

sources: VULHUB: VHN-56303 // BID: 58944 // JVNDB: JVNDB-2013-002240 // CNNVD: CNNVD-201304-144 // NVD: CVE-2012-3022

CREDITS

Kuang-Chun Hung

Trust: 0.3

sources: BID: 58944

SOURCES

db: VULHUB, id: VHN-56303
db: BID, id: 58944
db: JVNDB, id: JVNDB-2013-002240
db: CNNVD, id: CNNVD-201304-144
db: NVD, id: CVE-2012-3022

LAST UPDATE DATE

2025-04-11T23:07:17.381000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-56303, date: 2013-04-16T00:00:00
db: BID, id: 58944, date: 2013-04-08T00:00:00
db: JVNDB, id: JVNDB-2013-002240, date: 2014-07-25T00:00:00
db: CNNVD, id: CNNVD-201304-144, date: 2013-04-15T00:00:00
db: NVD, id: CVE-2012-3022, date: 2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db: VULHUB, id: VHN-56303, date: 2013-04-16T00:00:00
db: BID, id: 58944, date: 2013-04-08T00:00:00
db: JVNDB, id: JVNDB-2013-002240, date: 2014-07-25T00:00:00
db: CNNVD, id: CNNVD-201304-144, date: 2013-04-12T00:00:00
db: NVD, id: CVE-2012-3022, date: 2013-04-16T14:04:30.683