Main Vulnerability Database SB2017053117

SB2017053117 - Multiple vulnerabilities in Trend Micro InterScan Web Security Virtual Appliance

Published: May 31, 2017

Security Bulletin ID SB2017053117

Severity

High

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Code injection (CVE-ID: N/A)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to improper input validation by web service. A remote attacker can use specially crafted parameters to implement remote code injections and execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.

Remediation

Install update from vendor's website.

References

https://success.trendmicro.com/solution/1117412