<![CDATA[ZDI: Published Advisories]]> http://www.zerodayinitiative.com/advisories/published/ Mon Mar 27 02:23:55 2017 +0000 zdi@hp.com (Author) Tippingpoint, all rights reserved ZDI Bird Feeder en http://blogs.law.harvard.edu/tech/rss <![CDATA[ZDI-17-187: Trend Micro InterScan Messaging Security Suite DetailReportAction Directory Traversal Information Disclosure Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/Cftbd-PL04o/ This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Trend Micro InterScan Messaging Security Suite. Authentication is required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/Cftbd-PL04o" height="1" width="1" alt=""/> Wed, 22 Mar 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-187/ <![CDATA[ZDI-17-186: Trend Micro Control Manager CCGIServlet SpecialSpywarePolicyResult SQL Injection Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/9h_UXck6S8g/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/9h_UXck6S8g" height="1" width="1" alt=""/> Wed, 22 Mar 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-186/ <![CDATA[ZDI-17-185: Trend Micro Control Manager AdHocQueryExportProcessing SQL Injection Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/9DjuMJNu-f4/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/9DjuMJNu-f4" height="1" width="1" alt=""/> Wed, 22 Mar 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-185/ <![CDATA[ZDI-17-184: Trend Micro Control Manager CCGIServlet IDTB_SV parameters SQL Injection Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/59zD45PlSUw/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/59zD45PlSUw" height="1" width="1" alt=""/> Wed, 22 Mar 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-184/ <![CDATA[ZDI-17-183: Trend Micro Control Manager CCGIServlet ID_HIDDEN_UG_STR SQL Injection Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/5wWMHiUQqM8/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/5wWMHiUQqM8" height="1" width="1" alt=""/> Wed, 22 Mar 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-183/ <![CDATA[ZDI-17-182: Trend Micro Control Manager cgiCMUIDispatcher ScheduleDownloadSavedEnableList SQL Injection Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/7aV4R8RKbug/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/7aV4R8RKbug" height="1" width="1" alt=""/> Wed, 22 Mar 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-182/ <![CDATA[ZDI-17-181: Trend Micro Control Manager CCGIServlet ID_QUERY_COMMAND_TRACKING_ID SQL Injection Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/hymMaosDzE4/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/hymMaosDzE4" height="1" width="1" alt=""/> Wed, 22 Mar 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-181/ <![CDATA[ZDI-17-180: Trend Micro Control Manager cgiCMUIDispatcher ManualDownloadResult SQL Injection Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/oGrUg1iVMg8/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/oGrUg1iVMg8" height="1" width="1" alt=""/> Wed, 22 Mar 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-180/ <![CDATA[ZDI-17-179: Adobe Flash MovieClip transform Use-After-Free Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/jx7yPkiNEHQ/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/jx7yPkiNEHQ" height="1" width="1" alt=""/> Tue, 21 Mar 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-179/ <![CDATA[ZDI-17-178: Adobe Flash Transform matrix Use-After-Free Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/GC0HP9NL1yg/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/GC0HP9NL1yg" height="1" width="1" alt=""/> Tue, 21 Mar 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-178/