Vulnerability Description
The Keystroke Encryption feature in Trend Micro Internet Security 2009 (aka Virus Buster 2009 and PC-cillin 2009) does not completely encrypt passwords, which allows local users to obtain sensitive information by leveraging a keylogger.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Trendmicro | Trend Micro Internet Security | 2009 |
Related Weaknesses (CWE)
References
- http://esupport.trendmicro.co.jp/Pages/JP-2079186.aspx
- http://jvn.jp/en/jp/JVN99175647/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2011-000028
- http://esupport.trendmicro.co.jp/Pages/JP-2079186.aspx
- http://jvn.jp/en/jp/JVN99175647/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2011-000028
FAQ
What is CVE-2011-1327?
CVE-2011-1327 is a vulnerability with a CVSS score of 2.1 (LOW). The Keystroke Encryption feature in Trend Micro Internet Security 2009 (aka Virus Buster 2009 and PC-cillin 2009) does not completely encrypt passwords, which allows local users to obtain sensitive in...
How severe is CVE-2011-1327?
CVE-2011-1327 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-1327?
Check the references section above for vendor advisories and patch information. Affected products include: Trendmicro Trend Micro Internet Security.