411 matches found
Trend Micro Control Manager importFile Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the importFile.php script. The issue lies in the failure to properly...
Trend Micro Control Manager modDLPViolationCnt_drildown Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within widgetold's modDLPViolationCntdrildown.php script. The issue lies in the...
Trend Micro Control Manager modDLPTemplateMatch_drildown Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within widgetold's modDLPTemplateMatchdrildown.php script. The issue lies in the...
Trend Micro Control Manager modDLPTemplateMatch_drildown Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within widget's modDLPTemplateMatchdrildown.php script. The issue lies in the lac...
Trend Micro Control Manager modDLPTemplateMatch_drildown Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within widgetoldSP1's modDLPTemplateMatchdrildown.php script. The issue lies in t...
Trend Micro Control Manager modDLPViolationCnt_drildown Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within widget's modDLPViolationCntdrildown.php script. The issue lies in the lack...
MS15-050: Vulnerability in Service Control Manager could allow elevation of privilege: May 12, 2015
MS15-050: Vulnerability in Service Control Manager could allow elevation of privilege: May 12, 2015 Summary This security update resolves a vulnerability in Windows Service Control Manager SCM. This vulnerability is caused when SCM incorrectly verifies impersonation levels. The vulnerability coul...
Trend Micro Control Manager Information Disclosure (CVE-2016-6220)
An XML external entity XXE processing vulnerability has been reported in Trend Micro Control Manager. The vulnerability is due to lack of validation of user-supplied input prior to executing an XML query. A remote, authenticated attacker could exploit this vulnerability by sending a malicious HTT...
Trend Micro Control Manager TreeUserControl_process_tree_event Information Disclosure
An XML external entity XXE processing vulnerability has been reported in Trend Micro Control Manager. The vulnerability is due to lack of validation of user-supplied input prior to executing an XML query in TreeUserControlprocesstreeevent.aspx. A remote, authenticated attacker could exploit this...
Trend Micro Control Manager task_controller Information Disclosure
An information disclosure vulnerability has been reported in Trend Micro Control Manager. The vulnerability is due to lack of validation of the 'url' parameter in the request for taskcontrol.php. An unauthenticated remote attacker could exploit this vulnerability by sending a specially crafted HT...
Trend Micro Control Manager AdHocQuery_Processor.aspx SQL Injection
A SQL injection vulnerability has been reported in Trend Micro Control Manager. The vulnerability is due to lack of validation on two parameters in the AdHocQueryProcessor.aspx script. A remote, authenticated attacker could exploit this vulnerability by sending a malicious HTTP request to the...
Trend Micro Control Manager Detection
Binary data trendmicrocontrolmanagerdetect.nbin...
Trend Micro Control Manager 6.x < 6.0 SP3 Hotfix 3328 Multiple Vulnerabilities
According to its version, the Trend Micro Control Manager application installed on the remote Windows host is 6.x prior to 6.0 SP 3 Hotfix 3328 6.0.0.3328. It is, therefore, affected by the following vulnerabilities : - A directory traversal vulnerability exists in the taskcontroller.php script d...
Trend Micro Control Manager Information Disclosure Vulnerability
Trend Micro Control Manager TMCM is an integrated threat detection and data protection management center software from Trend Micro. An information disclosure vulnerability exists in version 6.0 of Trend Micro Control Manager TMCM, which can be exploited by an attacker to gain access to sensitive...
Trend Micro Control Manager SQL Injection Vulnerability
Trend Micro Control Manager TMCM is an integrated threat detection and data protection management center software from Trend Micro. A SQL injection vulnerability exists in version 6.0 of Trend Micro Control Manager TMCM, which can be exploited by an attacker to compromise an application, access o...
Trend Micro Control Manager Information Disclosure Vulnerability (CNVD-2016-06566)
Trend Micro Control Manager TMCM is an integrated threat detection and data protection management center software from Trend Micro. An information disclosure vulnerability exists in Trend Micro Control Manager. The vulnerability could be exploited by an attacker to obtain sensitive information...
Multiple SQL Injection Vulnerabilities in Trend Micro Control Manager
Trend Micro Control Manager TMCM is an integrated threat detection and data protection management center software from Trend Micro. Trend Micro Control Manager has multiple SQL injection vulnerabilities. The vulnerabilities could be exploited by an attacker to gain access to the underlying databa...
Trend Micro Control Manager TreeUserControl_process_tree_event External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Trend Micro Control Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within TreeUserControlprocesstreeevent.aspx. The issue lies in the failure to...
Trend Micro Control Manager AdHocQuery_CustomProfiles SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within AdHocQueryCustomProfiles.aspx. The issue lies in the failure to sanitize...
Trend Micro Control Manager ProductTree External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Trend Micro Control Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within ProductTree.aspx. The issue lies in the failure to sanitize...