Multiple vulnerabilities in Deep Discovery Email Inspector

Overview Deep Discovery Email Inspector provided by Trend Micro Incorporated contains multiple vulnerabilities. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact The possible impacts are as follows: A user may execute arbitrary...

CVE-2017-11382

Denial of Service vulnerability in Trend Micro Deep Discovery Email Inspector 2.5.1 allows remote attackers to delete arbitrary files on vulnerable installations, thus disabling the service. Formerly ZDI-CAN-4350...

Trend Micro Deep Discovery Email Inspector policy_setting Arbitrary File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Deep Discovery Email Inspector. Authentication is not required to exploit this vulnerability. The specific flaw exists within policysetting.php. The issue results from the lack of prope...

Trend Micro Deep Discovery Email Inspector write_new_html_with_svg Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Deep Discovery Email Inspector. Authentication is not required to exploit this vulnerability. The specific flaw exists within writenewhtmlwithsvg.php. The issue results from the lack of...