6 matches found
CVE-2012-2998
Affected product: Trend Micro Control Manager (TMCM). Vulnerable component: Ad hoc query module (AdHocQuery_Processor.aspx path, AdHocQuery.NET.dll scope in TMCM). Root cause: SQL injection in the ad hoc query module. Impact: Remote attackers could execute arbitrary SQL commands against the backe...
CVE-2011-5001
CVE-2011-5001 concerns a stack-based buffer overflow in Trend Micro Control Manager 5.5 prior to Build 1613. The vulnerability is in the CmdProcessor.exe component, specifically inside the CGenericScheduler::AddTask function of cmdHandlerRedAlertController.dll. By sending a crafted IPC packet to ...
CVE-2007-0851
CVE-2007-0851 describes a buffer overflow in Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, exploitable when processing UPX-packed executables (as used in CCC Cleaner). The CCC Cleaner component is affected when the UPX-packed file is scanned, enabling arbitrary code ...
CVE-2005-0533
CVE-2005-0533: Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI prior to 7.510, used across multiple Trend Micro products. An overly long ARJ header file name can overrun a buffer in the ARJ parsing path, enabling remote code execution when a crafted ARJ archive is scanned. Affec...
CVE-2006-3261
CVE-2006-3261 affects Trend Micro Control Manager (TMCM) 3.5. The vulnerability is a cross-site scripting (XSS) flaw in the login page: the username field is not properly sanitized and its value may be reflected in the error log, enabling remote attackers to inject arbitrary web script or HTML. T...
CVE-2005-0383
CVE-2005-0383 concerns Trend Micro Control Manager 3.0 Enterprise Edition, where remote attackers can escalate privileges through a replay attack of the encrypted username and password. The available documents confirm the affected product and the underlying issue (replay of credentials) but do no...