Intrusion Prevention



This indicates an attack attempt against an Information Disclosure vulnerability in Trend Micro Control Manager.
The vulnerability is due to insufficient input validation in the application when handling a crafted HTTP request. A remote attacker may be able to access arbitrary files in the targeted system via a crafted request.

Affected Products

Trend Micro Control Manager 6.0 prior to SP3 Patch Hotfix 3328


Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Apply the latest update from the vendor.

Other References

ZDI-16-462 1114749