Trend Micro OfficeScan CVE-2017-14087 Host Header Injection Vulnerability

Trend Micro OfficeScan is prone to an host header-injection vulnerability because it fails to properly validate an HTTP request header.

A successful attack may allow attackers to insert a crafted host header to navigate the victim to the attacker's domain.

Trend Micro OfficeScan 11.0 SP1 and XG (12.0) are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus