Lucene search
K

137 matches found

CVE
CVE
added 2014/11/07 7:0 p.m.41 views

CVE-2014-8510

CVE-2014-8510 affects Trend Micro InterScan Web Security Virtual Appliance (IWSVA) AdminUI prior to 6.0 HF build 1244. Multiple information-disclosure vulnerabilities allow remote authenticated attackers to read arbitrary files via configuration input handling when saving filters. Public sources ...

4CVSS6.3AI score0.01487EPSS
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

InterScan Web Security 5.0 Permanent XSS

No description provided by source. Exploit Title: Permanent XSS in InterScan Web Security Virtual Appliance 5.0 Author: Ivan Huertas Software Link: http://downloadcenter.trendmicro.com/index.php?clk=tbl&clkval=249&regs=NABU&langloc=1 Version: 5.0 Tested on: Red Hat Nash 5.1 Code : POST...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

InterScan Web Security 5.0 - Arbitrary File Upload & Local Privilege Escalation

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

InterScan Web Security Virtual Appliance 5.0 - Arbitrary File Download

No description provided by source...

7.1AI score
Exploits0
Saint
Saint
added 2011/12/09 12:0 a.m.30 views

Trend Micro InterScan Web Security Suite Local Privilege Escalation

Added: 12/09/2011 BID: 50380 OSVDB: 76637 Background Trend Micro InterScan Web Security Suite is an application which dynamically defends against web-based attacks at the Internet gateway. Problem Trend Micro InterScan Web Security Suite is vulnerable to local privilege escalation vulnerability...

8.4AI score
Exploits0
Saint
Saint
added 2011/12/09 12:0 a.m.66 views

Trend Micro InterScan Web Security Suite Local Privilege Escalation

Added: 12/09/2011 BID: 50380 OSVDB: 76637 Background Trend Micro InterScan Web Security Suite is an application which dynamically defends against web-based attacks at the Internet gateway. Problem Trend Micro InterScan Web Security Suite is vulnerable to local privilege escalation vulnerability...

1.5AI score
Exploits0
Saint
Saint
added 2011/12/09 12:0 a.m.25 views

Trend Micro InterScan Web Security Suite Local Privilege Escalation

Added: 12/09/2011 BID: 50380 OSVDB: 76637 Background Trend Micro InterScan Web Security Suite is an application which dynamically defends against web-based attacks at the Internet gateway. Problem Trend Micro InterScan Web Security Suite is vulnerable to local privilege escalation vulnerability...

8.4AI score
Exploits0
seebug.org
seebug.org
added 2011/10/28 12:0 a.m.22 views

Trend Micro InterScan Web Security Suite "patchCmd" 权限提升漏洞

趋势科技的InterScan Web Security Suite(IWSS)在网关处针对基于Web方式的攻击为企业网络提供动态的、集成式的安全保护。 Trend Micro InterScan Web Security Suite for Linux在实现上存在安全漏洞,恶意本地用户可利用此漏洞提升权限。 此漏洞源于在执行某些操作时setuid/setgid root /opt/trend/iwss/data/patch/bin/patchCmd的错误,可通过在CWD中创建PatchExe.sh或RollbackExe.sh脚本获取root权限并执行该二进制文件。 Trend Micr...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2010/07/01 12:0 a.m.18 views

Interscan Web Security 5.0 - Persistent Cross-Site Scripting

Exploit Title: Permanent XSS in InterScan Web Security Virtual Appliance 5.0 Author: Ivan Huertas Software Link: http://downloadcenter.trendmicro.com/index.php?clk=tbl&clkval=249&regs=NABU&langloc=1 Version: 5.0 Tested on: Red Hat Nash 5.1 Code : POST /loginaccountaddmodify.jsp HTTP/1.1 Host:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/07/01 12:0 a.m.13 views

Interscan Web Security 5.0 - Persistent Cross-Site Scripting

Interscan Web Security 5.0 - Persistent Cross-Site Scripting Exploit Title: Permanent XSS in InterScan Web Security Virtual Appliance 5.0 Author: Ivan Huertas Software Link: http://downloadcenter.trendmicro.com/index.php?clk=tbl&clkval=249&regs=NABU&langloc=1 Version: 5.0 Tested on: Red Hat Nash...

6.8AI score
Exploits0
seebug.org
seebug.org
added 2010/06/25 12:0 a.m.105 views

InterScan Web Security Virtual Appliance本地权限提升和任意文件上传/下载漏洞

BUGTRAQ ID: 41072 InterScan Web Security Virtual Appliance是一款能安装在VMware平台上的网页过滤产品。 InterScan Web Security Virtual Appliance没有正确地过滤提交给/servlet/com.trend.iwss.gui.servlet.exportreport的 exportname"参数和提交给/servlet/com.trend.iwss.gui.servlet.ConfigBackup的 pkgname参数,远程攻击者可以通过目录遍历攻击从系统下载任意文件。 InterScan W...

6.9AI score
Exploits0
Exploit DB
Exploit DB
added 2010/06/23 12:0 a.m.22 views

Interscan Web Security Virtual Appliance 5.0 - Arbitrary File Download

Exploit Title: Arbitrary File Download in InterScan Web Security Virtual Appliance 5.0 Date: 22-06-2010 Author: Ivan Huertas Software Link: http://downloadcenter.trendmicro.com/index.php?clk=tbl&clkval=249&regs=NABU?loc=1 Version: 5.0 Tested on: Red Hat Nash 5.1 Vulnerability Description: The...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2010/06/23 12:0 a.m.30 views

Interscan Web Security 5.0 - Arbitrary File Upload / Privilege Escalation

Advisory Name: Local Privilege Escalation in InterScan Web Security Virtual Apliance 5.0 Internal Cybsec Advisory Id: 2010-0604 Vulnerability Class: Local Privilege Escalation Release Date: 22-06-2010 Affected Applications: InterScan Web Security Virtual Aplliance 5.0. Other versions may be...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/06/23 12:0 a.m.12 views

Interscan Web Security 5.0 - Arbitrary File Upload Privilege Escalation

Interscan Web Security 5.0 - Arbitrary File Upload Privilege Escalation Advisory Name: Local Privilege Escalation in InterScan Web Security Virtual Apliance 5.0 Internal Cybsec Advisory Id: 2010-0604 Vulnerability Class: Local Privilege Escalation Release Date: 22-06-2010 Affected Applications:...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2010/06/23 12:0 a.m.9 views

Interscan Web Security Virtual Appliance 5.0 - Arbitrary File Download

Interscan Web Security Virtual Appliance 5.0 - Arbitrary File Download Exploit Title: Arbitrary File Download in InterScan Web Security Virtual Appliance 5.0 Date: 22-06-2010 Author: Ivan Huertas Software Link: http://downloadcenter.trendmicro.com/index.php?clk=tbl&clkval=249&regs=NABU?loc=1...

0.1AI score
Exploits0
Prion
Prion
added 2009/02/17 5:30 p.m.11 views

Authorization

Trend Micro InterScan Web Security Virtual Appliance IWSVA 3.x and InterScan Web Security Suite IWSS 3.x, when basic authorization is enabled on the standalone proxy, forwards the Proxy-Authorization header from Windows Media Player, which allows remote web servers to obtain credentials by offeri...

4.3CVSS7.1AI score0.02165EPSS
Exploits0References5Affected Software2
seebug.org
seebug.org
added 2009/02/11 12:0 a.m.33 views

趋势科技InterScan Web Security Suite绕过安全限制漏洞

BUGTRAQ ID: 33679 趋势科技的InterScan Web Security Suite(IWSS)在网关处针对基于Web方式的攻击为企业网络提供动态的、集成式的安全保护。 IWSS的多个JSP页面存在访问控制错误,非管理权限帐户(Auditor和Report Only)可以非授权修改某些配置值,如创建管理员帐号。 Trend Micro InterScan Web Security Suite 3.1 厂商补丁: Trend Micro ----------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

6.9AI score
Exploits0
Rows per page
Query Builder