CVE-2006-3261

Currently unrated

Key Information:

Vendor: Trend Micro
Status: Control Manager
Vendor: CVE Published:; 27 June 2006

Summary

Cross-site scripting (XSS) vulnerability in Trend Micro Control Manager (TMCM) 3.5 allows remote attackers to inject arbitrary web script or HTML via the username field on the login page, which is not properly sanitized before being displayed in the error log.

References

http://securitytracker.com/id?1016372

vdb-entryx_refsource_SECTRACK

http://www.vupen.com/english/advisories/2006/2526

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/20794

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jun 27, 2006
Vulnerability Reserved
Jun 27, 2006