CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
99.3%
Added: 01/16/2012
CVE: CVE-2011-5001
BID: 50965
OSVDB: 77585
Trend Micro Control Manager streamlines administration of Trend Micro security solutions.
A buffer overflow vulnerability in the **AddTask**
function allows remote attackers to execute arbitrary code by sending a specially crafted IPC packet to the **CmdProcessor.exe**
service.
Upgrade to Trend Micro Control Manager 5.5 build 1613 or higher.
<http://www.zerodayinitiative.com/advisories/ZDI-11-345/>
<http://www.trendmicro.com/ftp/documentation/readme/readme_critical_patch_TMCM55_1613.txt>
Exploit works on Trend Micro Control Manager 5.5 B1250.
Windows