Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:0F46C916A639600AA9B8D3896340C2E5
HistoryJan 16, 2012 - 12:00 a.m.

Trend Micro Control Manager AddTask buffer overflow

2012-01-1600:00:00
SAINT Corporation
my.saintcorporation.com
28

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.945

Percentile

99.3%

JSON

Added: 01/16/2012
CVE: CVE-2011-5001
BID: 50965
OSVDB: 77585

Background

Trend Micro Control Manager streamlines administration of Trend Micro security solutions.

Problem

A buffer overflow vulnerability in the **AddTask** function allows remote attackers to execute arbitrary code by sending a specially crafted IPC packet to the **CmdProcessor.exe** service.

Resolution

Upgrade to Trend Micro Control Manager 5.5 build 1613 or higher.

References

<http://www.zerodayinitiative.com/advisories/ZDI-11-345/&gt;
<http://www.trendmicro.com/ftp/documentation/readme/readme_critical_patch_TMCM55_1613.txt&gt;

Limitations

Exploit works on Trend Micro Control Manager 5.5 B1250.

Platforms

Windows

Related

checkpoint_advisories 1
prion 1
saint 3
packetstorm 1
seebug 1
openvas 1
cvelist 1
nvd 1
cve 1
metasploit 1
nessus 1
zdt 1
exploitdb 1
checkpoint_advisories
checkpoint_advisories
Trend Micro Control Manager CmdProcessor.exe AddTask Stack Buffer Overflow (CVE-2011-5001)
2012-04-16 00:00:00
prion
prion
Stack overflow
2011-12-25 01:55:00
saint
saint
Trend Micro Control Manager AddTask buffer overflow
2012-01-16 00:00:00
Trend Micro Control Manager AddTask buffer overflow
2012-01-16 00:00:00
Trend Micro Control Manager AddTask buffer overflow
2012-01-16 00:00:00
packetstorm
packetstorm
TrendMicro Control Manager 5.5 Buffer Overflow
2012-02-24 00:00:00
seebug
seebug
TrendMicro Control Manger &lt;= v5.5 CmdProcessor.exe Stack Buffer Overflow
2012-02-24 00:00:00
openvas
openvas
Trend Micro Control Manager 'CmdProcessor.exe' Buffer Overflow Vulnerability
2012-07-02 00:00:00
cvelist
cvelist
CVE-2011-5001
2011-12-25 01:00:00
nvd
nvd
CVE-2011-5001
2011-12-25 01:55:02
cve
cve
CVE-2011-5001
2011-12-25 01:55:02
metasploit
metasploit
TrendMicro Control Manger CmdProcessor.exe Stack Buffer Overflow
2012-02-23 01:44:47
nessus
nessus
Trend Micro Control Manager CmdProcessor.exe Remote Buffer Overflow
2011-12-09 00:00:00
zdt
zdt
TrendMicro Control Manger <= v5.5 CmdProcessor.exe Stack BOF
2012-02-24 00:00:00
exploitdb
exploitdb
Trend Micro Control Manger 5.5 - &#039;CmdProcessor.exe&#039; Remote Stack Buffer Overflow (Metasploit)
2012-02-23 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.945

Percentile

99.3%

JSON
Related for SAINT:0F46C916A639600AA9B8D3896340C2E5
checkpoint_advisories1prion1saint3packetstorm1seebug1openvas1cvelist1nvd1cve1metasploit1nessus1zdt1exploitdb1