COMMAND

    Applet Trap

SYSTEMS AFFECTED

    Trend Micro Applet Trap 2.0

PROBLEM

    Following is  based on  a eDvice  Security Advisory.   Trend Micro
    Applet  Trap  is  a  product  for blocking malicious Java applets,
    malicious  JavaScript  and  unsecured  ActiveX  controls  at   the
    gateway.  The product includes an option for URL filtering.

    eDvice  recently  conducted  a  test  of  AppletTrap's  ability to
    filter Scripts at  the gateway.   AppletTrap includes the  ability
    to  filter  script  languages  (JavaScript,  VBScript,  and/or all
    other HTML script languages) from HTML code.

    AppletTrap includes  some design  and implementation  flaws, which
    allow  an  attacker  to  bypass  restrictions  set  by the product
    administrator and introduce malicious code into an organization.

    dEvice  found  two  problems  with  AppletTrap's  Script filtering
    mechanism:

    1) If only JavaScript or VBScript (not both) filtering is enabled,
       then in  an html  page containing  a mixture  of JavaScript and
       VBScript code, AppletTrap will  not filter scripts that  should
       have been filtered  by policy as  long as these  scripts appear
       after a  script that  is allowed  by policy.   For example,  if
       the policy is set to  filter only VBScript and not  JavaScript,
       then in  a page  containing a  JavaScript and  a VBScript,  the
       VBScript will not  be filtered as  long as the  JavaScript code
       comes first.

    2) AppletTrap  does not  recognize and  does not  filter scripting
       tags constructed using extended Unicode notation.

SOLUTION

    Trend Micro has confirmed  these vulnerabilities and will  address
    them in version 2.5.