Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 27376 of 28407

CVE-2017-11387

Posted by Cyberthreat Blog | Aug 2, 2017 | CVE Notifications |

Authentication Bypass in Trend Micro Control Manager 6.0 causes Information Disclosure when authentication validation is not done for functionality that can change debug logging level. Formerly ZDI-CAN-4512.

CVE-2017-11385

Posted by Cyberthreat Blog | Aug 2, 2017 | CVE Notifications |

SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x6b1b due to lack of proper user input validation in cmdHandlerStatusMonitor.dll. Formerly ZDI-CAN-4545.

CVE-2017-11384

Posted by Cyberthreat Blog | Aug 2, 2017 | CVE Notifications |

SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x3b21 due to lack of proper user input validation in mdHandlerLicenseManager.dll. Fomerly ZDI-CAN-4561.

CVE-2017-11383

Posted by Cyberthreat Blog | Aug 2, 2017 | CVE Notifications |

SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x1b07 due to lack of proper user input validation in cmdHandlerTVCSCommander.dll. Fomerly ZDI-CAN-4560.

CVE-2017-11390

Posted by Cyberthreat Blog | Aug 2, 2017 | CVE Notifications |

XML external entity (XXE) processing vulnerability in Trend Micro Control Manager 6.0, if exploited, could lead to information disclosure. Formerly ZDI-CAN-4706.

Author: Cyberthreat Blog

CVE-2017-11387

CVE-2017-11385

CVE-2017-11384

CVE-2017-11383

CVE-2017-11390