RSS   Vulnerabilities for 'Smart protection server'   RSS

2017-01-30
 
CVE-2016-6269

 

 
Multiple directory traversal vulnerabilities in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allow remote attackers to read and delete arbitrary files via the tmpfname parameter to (1) log_mgt_adhocquery_ajaxhandler.php, (2) log_mgt_ajaxhandler.php, (3) log_mgt_ajaxhandler.php or (4) tf parameter to wcs_bwlists_handler.php.

 
 
CVE-2016-6268

 

 
Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows local webserv users to execute arbitrary code with root privileges via a Trojan horse .war file in the Solr webapps directory.

 
 
CVE-2016-6267

 

 
SnmpUtils in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) spare_Community, (2) spare_AllowGroupIP, or (3) spare_AllowGroupNetmask parameter to admin_notification.php.

 
 
CVE-2016-6266

 

 
ccca_ajaxhandler.php in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) host or (2) apikey parameter in a register action, (3) enable parameter in a save_stting action, or (4) host or (5) apikey parameter in a test_connection action.

 

 >>> Vendor: Trend micro 67 Products
Interscan viruswall
Pc-cillin
Officescan
Virus buster 2001
Scanmail exchange
Interscan webmanager
Virus control system
Interscan emanager
Interscan applettrap
Virus buster
Interscan viruswall for windows nt
Damage cleanup server
Housecall
Scanmail
Scanmail domino
Control manager
Client-server-messaging suite smb
Client-server suite smb
Interscan messaging security suite
Interscan web security suite
Interscan webprotect
Portalprotect
Scanmail emanager
Serverprotect
Serverprotect earthagent
Antispyware
Pc-cillin 2005
Pc-cillin 2006
Scan engine
Officescan corporate edition
Pc cillin - internet security 2006
Client-server-messaging security
Viruswall
Interscan viruswall scan engine
Pc-cillin internet security
Scanning engine
Web security suite
Webprotect
Damage cleanup services
Tmcomm.sys
Trend micro antirootkit common module
Trend micro antispyware
Trend micro antivirus
Vsapini.sys
Pc-cillin internet security 2007
Trend micro antivirus plus antispyware
Trend micro internet security virus bust
Trend micro internet security pro
Client server messaging suite
Worry free business security
Internet security 2007
Internet security 2008
Interscan web security virtual appliance
Mobile security
Interscan messaging security virtual appliance
Deep discovery inspector
Password manager
Email encryption gateway
Business security
Business security services
Office scan
Virtual mobile infrastructure
Smart protection server
Endpoint sensor
Deep security
Security
Worry-free business security


Copyright 2024, cxsecurity.com

 

Back to Top