Trend Micro DirectPass < 220.127.116.115 Multiple Vulnerabilities
Medium Nessus Plugin ID 66811
SynopsisThe remote Windows host contains a program that is potentially affected
by multiple vulnerabilities.
DescriptionThe version of Trend Micro DirectPass on the remote Windows host is
earlier than 18.104.22.1685 and is, therefore, potentially affected by the
following vulnerabilities :
- An input validation error exists in the file
'InstallWorkspace.exe' related to the 'Master Password'
field that could allow persistent cross-site scripting
- An error exists in the file 'InstallWorkspace.exe'
related to the 'Master Password' module that could
allow a security bypass and arbitrary command execution.
- An error exists in the files 'InstallWorkspace.exe' and
'libcef.dll' that could allow denial of service attacks
because of dereferencing a NULL pointer.
SolutionUpgrade to version 22.214.171.1245.