|
| Description: | | An XML external entity (XXE) processing vulnerability was found in in Trend Micro Control Manager. The vulnerability is caused by no validation of user-supplied input prior to execute an XML query in ProductTree.aspx. |
|
| Impact: | | An attacker can abtain sensitive information of the target victim, and do malicious actions to gain profits using the information. |
|
| Affected OS: | | Windows, Other Unix, FreeBSD, Linux |
|
| Reference: | | SecurityFocusBID:92363
https://success.trendmicro.com/solution/1114749
ZeroDayInitiative:ZDI-16-459
|
|