Trend Micro Control Manager Multiple Security Vulnerabilities

Trend Micro Control Manager is prone to the following multiple security vulnerabilities:

1. Multiple SQL-injection vulnerabilities
2. A directory-traversal vulnerability
3. An authentication-bypass vulnerability
4. An XML-external entity vulnerability

Exploiting these issues could allow an attacker to access or modify data, or exploit latent vulnerabilities in the underlying database, bypass authentication mechanism, execute arbitrary code and obtain sensitive information. This may aid in further attacks.

Trend Micro Control Manager 6.0 is vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus