Trend Micro Titanium Security 8.x < 8.0.2063 / 10.x < 10.0.1265 Multiple Vulnerabilities

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

A security application installed on the remote host is affected by
multiple vulnerabilities.

Description :

The version of the Trend Micro Titanium Security product installed on
the remote host is 8.x prior to 8.0.2063 or 10.x prior to 10.0.1265.
It is, therefore, affected by multiple vulnerabilities :

- A cross-site scripting (XSS) vulnerability exists in the
/LocalHelp/loader script due to improper validation of
input before returning it to users. An unauthenticated,
remote attacker can exploit this, by convincing a user
to visit a crafted web page, to execute arbitrary code
in the user's browser session. (VulnDB 138488)

- A flaw exists in the CoreServiceShell.exe HTTP service
due to improper sanitization of user input by the 'wtp'
and 'loadhelp' endpoints. An unauthenticated, remote
attacker can exploit this, by using a path traversal
attack, to access arbitrary files with SYSTEM
privileges. (VulnDB 138489)

- A flaw exists in the CoreServiceShell.exe HTTP service
when handling the 'URL' parameter to the 'continue'
endpoint. An unauthenticated, remote attacker can
exploit this, by convincing a user to visit a crafted
web page, to inject arbitrary headers. (VulnDB 138490)

See also :

http://www.nessus.org/u?c4a513cf

Solution :

Upgrade to Trend Micro Titanium Security software version 8.0.2063 or
10.0.1265.
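
The affected ranges in the description can be checked against a software inventory with a numeric, per-branch version comparison. This is an added example, not Tenable's plugin code: the function names and the sample inventory are constructed for illustration, and version strings are assumed to be dotted numeric ('major.minor.build').

```python
import re

# Fixed builds per major branch, as stated in the advisory.
FIXED_BUILDS = {8: (8, 0, 2063), 10: (10, 0, 1265)}

_VERSION_RE = re.compile(r"\d+(?:\.\d+){2,}", re.ASCII)


def parse_version(text):
    """Parse 'major.minor.build[.extra]' into a tuple of ints."""
    text = text.strip()
    if not _VERSION_RE.fullmatch(text):
        raise ValueError(f"unrecognized version string: {text!r}")
    return tuple(int(part) for part in text.split("."))


def classify(version_text):
    """Return 'vulnerable', 'fixed', 'out-of-scope' or 'unknown'."""
    try:
        version = parse_version(version_text)
    except ValueError:
        return "unknown"  # flag for manual review rather than guessing
    fixed = FIXED_BUILDS.get(version[0])
    if fixed is None:
        return "out-of-scope"  # branch not covered by this advisory
    # Compare numerically: as strings, "10.0.999" sorts after "10.0.1265"
    # and would be reported as fixed.
    return "vulnerable" if version[:3] < fixed else "fixed"


def triage(inventory):
    """Map each host to its classification."""
    return {host: classify(ver) for host, ver in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory (hypothetical hosts and builds).
    sample = {
        "ws-01": "8.0.2062",
        "ws-02": "8.0.2063",
        "ws-03": "10.0.999",
        "ws-04": "10.0.1265",
        "ws-05": "11.0.1158",
        "ws-06": "not installed",
    }
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```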

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:M/Au:N/C:C/I:N/A:N)
CVSS Temporal Score : 5.9
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 91428

Bugtraq ID:

CVE ID:
