Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Trend Micro Control Manager 'CmdProcessor.exe' Buffer Overflow Vulnerability
Information
Severity
Severity
Critical
Family
Family
Buffer overflow
CVSSv2 Base
CVSSv2 Base
10.0
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
Solution Type
Solution Type
Vendor Patch
Created
Created
11 years ago
Modified
Modified
5 years ago
Summary
This host is running Trend Micro Control Manager and is prone to buffer overflow vulnerability.
Insight
Insight
The 'CGenericScheduler::AddTask' function in cmdHandlerRedAlertController.dll in 'CmdProcessor.exe' fails to process a specially crafted IPC packet sent on TCP port 20101, which could be exploited by remote attackers to cause a buffer overflow.
Affected Software
Affected Software
Trend Micro Control Manager version 5.5 Build 1250 Hotfix 1550 and prior
Solution
Solution
Apply Critical Patch Build 1613 for Trend Micro Control Manager 5.5.