virus logo Intrusion Prevention

Trend.Micro.Control.Manager.Information.Disclosure

description-logoDescription

This indicates an attack attempt against an Information Disclosure vulnerability in Trend Micro Control Manager.
The vulnerability is due to insufficient input validation in the application when handling a crafted HTTP request. A remote attacker may be able to access arbitrary files in the targeted system via a crafted request.

affected-products-logoAffected Products

Trend Micro Control Manager 6.0 prior to SP3 Patch Hotfix 3328

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

recomended-action-logoRecommended Actions

Apply the latest update from the vendor.
http://esupport.trendmicro.com/solution/en-US/1114749.aspx

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

ZDI-16-462 1114749
ID 42843
Created Aug 26, 2016
Updated Sep 11, 2016
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS Windows
Affected App Other