Reporter Japan Vulnerability Notes
Trend Micro Internet Security provided by Trend Micro Incorporated contains the following vulnerabilities.
- Access Restriction Flaw - CVE-2016-1225 CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | Base Score: 5.3
CVSS v2 | AV:N/AC:L/Au:N/C:P/I:N/A:N | Base Score: 5.0
- Arbitrary Script Execution - CVE-2016-1226 CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | Base Score: 6.1
CVSS v2 | AV:N/AC:M/Au:N/C:N/I:P/A:N | Base Score: 4.3
According to the developer, attempts to exploit these vulnerabilities will not succeed from external networks when the default settings are used.
A remote attacker may obtain access to files on the device. (CVE-2016-1225)
An arbitrary script may be executed on the products. (CVE-2016-1226)
Apply the Update Module
According to the information provided by the developer, apply the Update Module.
## Products Affected
- Trend Micro Internet Security 8
- Trend Micro Internet Security 10