6 matches found
EUVD-2012-2974
Malware in sbrugna...
Trend Micro InterScan Messaging Security Suite Stored XSS and CSRF
No description provided by source...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Trend Micro InterScan Messaging Security Suite 7.1-BuildWin321394 allow remote attackers to inject arbitrary web script or HTML via 1 the wrsApprovedURL parameter to addRuleAttrWrsApproveUrl.imss or 2 the src parameter to initUpdSchPage.imss...
CVE-2012-2996
CVE-2012-2996 affects Trend Micro InterScan Messaging Security Suite 7.1-Build_Win32_1394. The vulnerability is a Cross-Site Request Forgery (CSRF) in saveAccountSubTab.imss that enables exploitation via a saveAuth action to hijack administrator authentication and create new admin accounts. Root ...
CVE-2012-2995
Multiple cross-site scripting XSS vulnerabilities in Trend Micro InterScan Messaging Security Suite 7.1-BuildWin321394 allow remote attackers to inject arbitrary web script or HTML via 1 the wrsApprovedURL parameter to addRuleAttrWrsApproveUrl.imss or 2 the src parameter to initUpdSchPage.imss...
CVE-2006-1380
ISNTSmtp directory in Trend Micro InterScan Messaging Security Suite IMSS 5.5 build 1183 and possibly other versions before 5.7.0.1121, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying ISNTSysMonitor.exe...