Critical severity9.8NVD Advisory· Published Apr 12, 2016· Updated Jun 17, 2026
CVE-2016-3987
CVE-2016-3987
Description
The HTTP server in Trend Micro Password Manager allows remote web servers to execute arbitrary commands via the url parameter to (1) api/openUrlInDefaultBrowser or (2) api/showSB.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:trendmicro:password_manager:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:trendmicro:password_manager:-:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
5- packetstormsecurity.com/files/135222/TrendMicro-Node.js-HTTP-Server-Command-Execution.htmlnvdExploitThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/39218/nvdExploitThird Party AdvisoryVDB Entry
- blog.trendmicro.com/information-on-reported-vulnerabilities-in-trend-micro-password-manager/nvdVendor Advisory
- www.securitytracker.com/id/1034662nvdThird Party AdvisoryVDB Entry
- code.google.com/p/google-security-research/issues/detailnvdThird Party Advisory
News mentions
0No linked articles in our index yet.