Trend Micro DirectPass < Multiple Vulnerabilities

This script is Copyright (C) 2013-2017 Tenable Network Security, Inc.

Synopsis :

The remote Windows host contains a program that is potentially affected
by multiple vulnerabilities.

Description :

The version of Trend Micro DirectPass on the remote Windows host is
earlier than and is, therefore, potentially affected by the
following vulnerabilities :

- An input validation error exists in the file
'InstallWorkspace.exe' related to the 'Master Password'
field that could allow persistent cross-site scripting

- An error exists in the file 'InstallWorkspace.exe'
related to the 'Master Password' module that could
allow a security bypass and arbitrary command execution.

- An error exists in the files 'InstallWorkspace.exe' and
'libcef.dll' that could allow denial of service attacks
because of dereferencing a NULL pointer.

See also :

Solution :

Upgrade to version

Risk factor :

Medium / CVSS Base Score : 4.4
CVSS Temporal Score : 3.4
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 66811 ()

Bugtraq ID: 60023


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now