Trend Micro Deep Security and Cloud One could allow a local authenticated attacker to gain elevated privileges on the system, caused by a code injection vulnerability. By executing a specially-crafted program, an attacker could exploit this vulnerability to escalate privileges.
Trend Micro Deep Security and Cloud One could allow a local authenticated attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to the script containing “dot dot” sequences to view arbitrary files on the system.
Refer to Trend Micro Advisory for patch, upgrade, or suggested workaround information.