Remote Information Disclosure in Trend Micro Virus Control System
CVE-2003-1344

Currently unrated

Key Information:

Vendor: Trend Micro
Status: Virus Control System
Vendor: CVE Published:; 31 December 2003

🔔 Create Trend Micro Vulnerability Alert

What is CVE-2003-1344?

The Trend Micro Virus Control System contains a vulnerability that enables remote attackers to gain access to sensitive user data, including usernames and encrypted passwords. This occurs through a specific URL request to the getservers.exe executable, where the action parameter is manipulated to 'selects1.' This request retrieves sensitive log files, potentially exposing user credentials and operational data to unauthorized parties. It is crucial for users of this system to be aware of this issue and implement necessary security measures to mitigate the risk of exploitation.

References

http://secunia.com/advisories/7881

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/11063

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/6618

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 14, 2007
Vulnerability published
Dec 31, 2003