CVE-2011-5001 : Stack-based buffer overflow in the CGenericScheduler::AddTask function in cmdHan

Stack-based buffer overflow in the CGenericScheduler::AddTask function in cmdHandlerRedAlertController.dll in CmdProcessor.exe in Trend Micro Control Manager 5.5 before Build 1613 allows remote attackers to execute arbitrary code via a crafted IPC packet to TCP port 20101.

Published 2011-12-25 01:55:03

Updated 2018-10-09 19:33:40

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowExecute code

Products affected by CVE-2011-5001

Trend Micro » Control Manager
Versions up to, including, (<=) 5.5
cpe:2.3:a:trend_micro:control_manager:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2011-5001

EPSS FAQ

74.71%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 99 %

Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2011-5001

TrendMicro Control Manger CmdProcessor.exe Stack Buffer Overflow

Disclosure Date: 2011-12-07

First seen: 2020-04-26

exploit/windows/misc/trendmicro_cmdprocessor_addtask

This module exploits a vulnerability in the CmdProcessor.exe component of Trend Micro Control Manger up to version 5.5. The specific flaw exists within CmdProcessor.exe service running on TCP port 20101. The vulnerable function is the CGenericScheduler::AddTask

More information

CVSS scores for CVE-2011-5001

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2011-5001

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2011-5001

https://exchange.xforce.ibmcloud.com/vulnerabilities/71681

Trend Micro Control Manager CGenericScheduler::AddTask() function buffer overflow CVE-2011-5001 Vulnerability Report
http://www.zerodayinitiative.com/advisories/ZDI-11-345/

ZDI-11-345 | Zero Day Initiative
http://www.trendmicro.com/ftp/documentation/readme/readme_critical_patch_TMCM55_1613.txt

Vendor Advisory
http://www.securityfocus.com/archive/1/520780/100/0/threaded

SecurityFocus
http://www.securitytracker.com/id?1026390

Trend Micro Control Manager Buffer Overflow in 'CmdProcessor.exe' Lets Remote Users Execute Arbitrary Code - SecurityTracker

Jump to