Trend Micro Titanium Security 8.x < 8.0.2063 / 10.x < 10.0.1265 Multiple Vulnerabilities

high Nessus Plugin ID 91428

Synopsis

A security application installed on the remote host is affected by multiple vulnerabilities.

Description

The version of the Trend Micro Titanium Security product installed on the remote host is 8.x prior to 8.0.2063 or 10.x prior to 10.0.1265.
It is, therefore, affected by multiple vulnerabilities :

- A cross-site scripting (XSS) vulnerability exists in the /LocalHelp/loader script due to improper validation of input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a crafted web page, to execute arbitrary code in the user's browser session.

- A flaw exists in the CoreServiceShell.exe HTTP service due to improper sanitization of user input by the 'wtp' and 'loadhelp' endpoints. An unauthenticated, remote attacker can exploit this, by using a path traversal attack, to access arbitrary files with SYSTEM privileges.

- A flaw exists in the CoreServiceShell.exe HTTP service when handling the 'URL' parameter to the 'continue' endpoint. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a crafted web page, to inject arbitrary headers.

Solution

Upgrade to Trend Micro Titanium Security software version 8.0.2063 or 10.0.1265

See Also

http://www.nessus.org/u?c4a513cf

Plugin Details

Severity: High

ID: 91428

File Name: trendmicro_2016_0089.nasl

Version: 1.6

Type: local

Agent: windows

Family: Windows

Published: 6/1/2016

Updated: 1/2/2019

Supported Sensors: Nessus Agent, Nessus

Vulnerability Information

CPE: x-cpe:/a:trendmicro:titanium

Required KB Items: installed_sw/Trend Micro Titanium

Patch Publication Date: 5/9/2016

Vulnerability Publication Date: 5/9/2016