Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 27189 of 28220

CVE-2017-11385

Posted by Cyberthreat Blog | Aug 2, 2017 | CVE Notifications |

SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x6b1b due to lack of proper user input validation in cmdHandlerStatusMonitor.dll. Formerly ZDI-CAN-4545.

CVE-2017-11384

Posted by Cyberthreat Blog | Aug 2, 2017 | CVE Notifications |

SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x3b21 due to lack of proper user input validation in mdHandlerLicenseManager.dll. Fomerly ZDI-CAN-4561.

CVE-2017-11383

Posted by Cyberthreat Blog | Aug 2, 2017 | CVE Notifications |

SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x1b07 due to lack of proper user input validation in cmdHandlerTVCSCommander.dll. Fomerly ZDI-CAN-4560.

CVE-2017-11390

Posted by Cyberthreat Blog | Aug 2, 2017 | CVE Notifications |

XML external entity (XXE) processing vulnerability in Trend Micro Control Manager 6.0, if exploited, could lead to information disclosure. Formerly ZDI-CAN-4706.

CVE-2017-11389

Posted by Cyberthreat Blog | Aug 2, 2017 | CVE Notifications |

Directory traversal vulnerability in Trend Micro Control Manager 6.0 allows remote code execution by attackers able to drop arbitrary files in a web-facing directory. Formerly ZDI-CAN-4684.

Author: Cyberthreat Blog

CVE-2017-11385

CVE-2017-11384

CVE-2017-11383

CVE-2017-11390

CVE-2017-11389