Trend Micro DirectPass < 220.127.116.115 Multiple Vulnerabilities
Medium Nessus Plugin ID 66811
SynopsisThe remote Windows host contains a program that is potentially affected by multiple vulnerabilities.
DescriptionThe version of Trend Micro DirectPass on the remote Windows host is earlier than 18.104.22.1685 and is, therefore, potentially affected by the following vulnerabilities :
- An input validation error exists in the file 'InstallWorkspace.exe' related to the 'Master Password' field that could allow persistent cross-site scripting attacks.
- An error exists in the file 'InstallWorkspace.exe' related to the 'Master Password' module that could allow a security bypass and arbitrary command execution.
- An error exists in the files 'InstallWorkspace.exe' and 'libcef.dll' that could allow denial of service attacks because of dereferencing a NULL pointer.
SolutionUpgrade to version 22.214.171.1245.