CVE-2015-2873 Information

Description

Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat appliances with software before 3.5.1477 3.6.x before 3.6.1217 3.7.x before 3.7.1248 3.8.x before 3.8.1263 and other versions allows remote attackers to obtain sensitive information or change the configuration via a direct request to the (1) system log URL (2) whitelist URL or (3) blacklist URL.

Reference

http://esupport.trendmicro.com/solution/en-US/1112206.aspx http://www.kb.cert.org/vuls/id/248692 http://www.securityfocus.com/bid/76396