CVE-2017-14090
CVE-2017-14090 affects Trend Micro ScanMail for Exchange 12.0. The vulnerability lies in the update mechanism: communications to update servers are unencrypted (HTTP) and lack certificate validation, enabling eavesdropping/tampering. Core Security’s advisory details that vulnerable update paths a...