iDEFENSE Security Advisory 12.14.05 - Remote exploitation of an input validation vulnerability in Trend Micro Inc.'s ServerProtect Management Console allows remote attackers to view the contents of arbitrary files on the underlying system. The problem specifically exists within the handling of the IMAGE parameter in the script rptserver.asp.
1b01155d4ea95e1c1d0ae336bc10735c394b99ac36b81cfe1486db6a0e63ae9b