20 matches found
EUVD-2017-5604
Malware in sbrugna...
EUVD-2017-5602
Malware in sbrugna...
Trend Micro ScanMail for Exchange Security Restriction Bypass Vulnerability
Trend Micro ScanMail for Exchange is a mail firewall solution developed and maintained by Trend Micro that is designed to protect Exchange mail servers from viruses, spyware and spam threats. A security vulnerability exists in Trend Micro ScanMail for Exchange version 12.0, which arises from the...
Trend Micro ScanMail for Exchange Log Query and Quarantine Query Page Cross-Site Scripting Vulnerability
Trend Micro ScanMail for Exchange is a mail firewall solution developed and maintained by Trend Micro that is designed to protect Exchange mail servers from viruses, spyware and spam threats. A cross-site scripting vulnerability exists in the Log Query and Quarantine Query pages in Trend Micro...
CVE-2017-14091
A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which certain specific installations that utilize a uncommon feature - Other Update Sources - could be exploited to overwrite sensitive files in the ScanMail for Exchange directory...
CVE-2017-14090
A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which some communications to the update servers are not encrypted...
CVE-2017-14090
A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which some communications to the update servers are not encrypted...
CVE-2017-14092
The absence of Anti-CSRF tokens in Trend Micro ScanMail for Exchange 12.0 web interface forms could allow an attacker to submit authenticated requests when an authenticated user browses an attacker-controlled domain...
Cross site request forgery (csrf)
The absence of Anti-CSRF tokens in Trend Micro ScanMail for Exchange 12.0 web interface forms could allow an attacker to submit authenticated requests when an authenticated user browses an attacker-controlled domain...
Design/Logic Flaw
A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which some communications to the update servers are not encrypted...
CVE-2017-14091
A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which certain specific installations that utilize a uncommon feature - Other Update Sources - could be exploited to overwrite sensitive files in the ScanMail for Exchange directory...
CVE-2017-14093
Trend Micro ScanMail for Exchange 12.x (SMEX) contains a cross-site scripting vulnerability (CVE-2017-14093) in the Web-based Logs and Quarantine Query pages. The root cause is improper input handling on the logs/ Quarantine pages, allowing injected script via parameters such as optRemoteLog, txt...
CVE-2017-14090
A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which some communications to the update servers are not encrypted...
Trend Micro ScanMail for Exchange 12.x < SP1 Patch 1 CP1755
The version of Trend Micro ScanMail for Exchange SMEX installed on the remote Windows host is affected by multiple vulnerabilities, including cross-site scripting XSS and weak anti cross-site request forgery CSRF. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid104354...
Trend Micro ScanMail for Exchange 10.2 < Build 3318 / 11.x < Build 4180 Predictable Session IDs
The version of Trend Micro ScanMail for Exchange SMEX installed on the remote Windows host is affected by a flaw in its bundled web-based user interface due to insufficient complexity in the generation of session IDs. A remote attacker, by more easily guessing the session ID, can use an...
Trend Micro ScanMail for Microsoft Exchange Authentication Bypass Vulnerability
Trend Micro ScanMail for Microsoft Exchange is a virus scanning program for Exchange mail servers. Trend Micro ScanMail for Microsoft Exchange SMEX prior to 10.2 Hot Fix Build 3318 and prior to 11.0 Hot Fix Build 4180 uses a guessable random number generator to generate the session ID of the WEB...
Trend Micro ScanMail for Domino 2.51/2.6 - Remote File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11612/info ScanMail for Domino is reported prone to a vulnerability that may allow sensitive configuration files to be disclosed to remote attackers. A successful attack may allow an attacker to disclose sensitive...
CVE-2003-1343
Trend Micro ScanMail for Exchange SMEX before 3.81 and before 6.1 might install a back door account in smgSmxcfg30.exe, which allows remote attackers to gain access to the web management interface via the vcc parameter, possibly "3560121183d3"...
Trend Micro ScanMail For Exchange 3.8 - Authentication Bypass
Trend Micro ScanMail For Exchange 3.8 - Authentication Bypass source: https://www.securityfocus.com/bid/6619/info A vulnerability has been reported for ScanMail for Microsoft Exchange. The vulnerability allows a remote attacker to bypass existing authentication mechanisms and obtain access to...
Softek MailMarshal 4 / Trend Micro ScanMail 1.0 - SMTP Attachment Protection Bypass
source: https://www.securityfocus.com/bid/3097/info At least two SMTP gateway products have been identified which contain flaws in the handling of restricted filetypes as attachments. An attacker can insert extraneous characters in the filename extension of a hostile attachment. The affected...