CVE-2012-2998

Currently unrated

Key Information:

Vendor: Trend Micro
Status: Control Manager
Vendor: CVE Published:; 28 September 2012

Summary

SQL injection vulnerability in the ad hoc query module in Trend Micro Control Manager (TMCM) before 5.5.0.1823 and 6.0 before 6.0.0.1449 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

References

http://www.spentera.com/2012/09/trend-micro-control-manag...

x_refsource_MISC

http://jvndb.jvn.jp/jvndb/JVNDB-2012-000090

third-party-advisoryx_refsource_JVNDB

http://www.trendmicro.com/ftp/documentation/readme/readme...

x_refsource_CONFIRM

EPSS Score

18% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 28, 2012
Vulnerability Reserved
May 30, 2012