53 matches found
Trend Micro Local Elevation of Privilege Vulnerability
Trend Micro InterScan Messaging Security Virtual Appliance IMSA is an email gateway security appliance from Trend Micro that integrates anti-virus, anti-spyware and anti-phishing technologies to provide comprehensive protection for email applications. A local elevation of privilege vulnerability...
Multiple Vulnerabilities in Trend Micro InterScan Messaging Security
Trend Micro InterScan Messaging Security is a hybrid SaaS email security solution. Trend Micro InterScan Messaging Security has multiple vulnerabilities. The vulnerabilities can be exploited by an attacker to execute arbitrary script code on a trusted user's browser in the context of an affected...
Trend Micro InterScan Messaging Security Open Redirect Vulnerability
Trend Micro InterScan Messaging Security is a hybrid SaaS email security solution. Trend Micro InterScan Messaging Security suffers from an open redirection vulnerability. The vulnerability allows an attacker to be redirected to an attacker-controlled website...
CVE-2014-3922
Cross-site scripting XSS vulnerability in Trend Micro InterScan Messaging Security Virtual Appliance 8.5.1.1516 allows remote authenticated users to inject arbitrary web script or HTML via the addWhiteListDomainStr parameter to addWhiteListDomain.imss...
CVE-2014-3922
CVE-2014-3922 is an XSS vulnerability in Trend Micro InterScan Messaging Security Virtual Appliance 8.5.1.1516. The flaw allows remote authenticated users to inject arbitrary web script or HTML via the addWhiteListDomainStr parameter to addWhiteListDomain.imss. According to the NVD entry, the CVS...
InterScan Messaging Security Virtual Appliance 8.5.1.1516 Cross Site Scripting
I. VULNERABILITY ------------------------- XSS Attacks vulnerability in InterScan Messaging Security Virtual Appliance 8.5.1.1516 II. DESCRIPTION ------------------------- Has been detected a XSS vulnerability in InterScan Messaging Security Virtual Appliance version 8.5.1.1516. The code injectio...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Trend Micro InterScan Messaging Security Suite 7.1-BuildWin321394 allow remote attackers to inject arbitrary web script or HTML via 1 the wrsApprovedURL parameter to addRuleAttrWrsApproveUrl.imss or 2 the src parameter to initUpdSchPage.imss...
CVE-2012-2996
CVE-2012-2996 affects Trend Micro InterScan Messaging Security Suite 7.1-Build_Win32_1394. The vulnerability is a Cross-Site Request Forgery (CSRF) in saveAccountSubTab.imss that enables exploitation via a saveAuth action to hijack administrator authentication and create new admin accounts. Root ...
Trend Micro InterScan Messaging Security Suite XSS / CSRF
Exploit Title: Trend Micro InterScan Messaging Security Suite Stored XSS and CSRF Date: 13/09/2012 Exploit Author: modpr0be modpr0beatspentera.com Vendor Homepage: http://www.trendmicro.com Software Link: http://www.trendmicro.com/ftp/products/interscan/IMSSv7.1Win1394.zip Version:...
Trend Micro Interscan Messaging Security Suite - Persistent Cross-Site Scripting Cross-Site Request Forgery
Trend Micro Interscan Messaging Security Suite - Persistent Cross-Site Scripting Cross-Site Request Forgery Exploit Title: Trend Micro InterScan Messaging Security Suite Stored XSS and CSRF Date: 13/09/2012 Exploit Author: modpr0be modpr0beatspentera.com Vendor Homepage: http://www.trendmicro.com...
CVE-2006-1380
ISNTSmtp directory in Trend Micro InterScan Messaging Security Suite IMSS 5.5 build 1183 and possibly other versions before 5.7.0.1121, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying ISNTSysMonitor.exe...
PT-2006-2389 · Trend Micro · Trend Micro Interscan Messaging Security Suite
Name of the Vulnerable Software and Affected Versions: Trend Micro InterScan Messaging Security Suite versions prior to 5.7.0.1121 Description: The issue concerns the ISNTSmtp directory in Trend Micro InterScan Messaging Security Suite, which uses insecure DACLs for critical files. This allows...
Trend Micro IMSS Console Management Detection
The remote host appears to run Trend Micro Interscan Messaging Security Suite, connections are allowed to the web console management. Make sure that only authorized hosts can connect to this service, as the information of its existence may help an attacker to make more sophisticated attacks again...