Intrusion Prevention

Trend.Micro.Multiple.Products.modTMCSS.Command.Injection

Description

This indicates an attack attempt to exploit a remote Command Execution vulnerability in Trend Micro OfficeScan and InterScan Web Security Virtual Appliance (IWSVA).
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker may be able to exploit this to execute arbitrary OS commands within the context of the application, via a crafted HTTP request.

Affected Products

Trend Micro OfficeScan 11
Trend Micro OfficeScan XG
Trend Micro InterScan Messaging Security (Virtual Appliance) 9.0 prior to 9.0 CP 1629
Trend Micro InterScan Messaging Security (Virtual Appliance) 9.1 prior to 9.1 CP 1675

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrades or patches from the vendor.
InterScan
https://success.trendmicro.com/solution/1117723
OfficeScan
https://success.trendmicro.com/solution/1117769