EUVD-2017-3024

Malware in sbrugna...

Trend Micro Encryption for Email Gateway formChangePass username SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Trend Micro Encryption for Email Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...

Trend Micro Encryption for Email Gateway DBCrypto Authentication Weakness Vulnerability

This vulnerability allows attackers to recover user passwords on vulnerable installations of Trend Micro Encryption for Email Gateway. An attacker must first obtain access to the user database on the target system in order to exploit this vulnerability. The specific flaw exists within the DBCrypt...

Trend Micro Encryption for Email Gateway LauncherServer DownloadBlackList Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Encryption for Email Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The flaw exists within the...

Trend Micro Encryption for Email DLL Loads Remote Code Execution Vulnerability

Trend Micro Encryption for Email is a suite of encryption technologies for email from Trend Micro. A security vulnerability exists in Trend Micro Encryption for Email version 5.6. A remote attacker could exploit the vulnerability to execute arbitrary code on an affected system...

CVE-2017-11397

A service DLL preloading vulnerability in Trend Micro Encryption for Email versions 5.6 and below could allow an unauthenticated remote attacker to execute arbitrary code on a vulnerable system...

CVE-2017-11397

A service DLL preloading vulnerability in Trend Micro Encryption for Email versions 5.6 and below could allow an unauthenticated remote attacker to execute arbitrary code on a vulnerable system...

Design/Logic Flaw

A service DLL preloading vulnerability in Trend Micro Encryption for Email versions 5.6 and below could allow an unauthenticated remote attacker to execute arbitrary code on a vulnerable system...

CVE-2017-11397

A service DLL preloading vulnerability affects Trend Micro Encryption for Email versions ≤ 5.6, where an unauthenticated remote attacker could trigger arbitrary code execution on the vulnerable system. The root cause is a DLL preloading issue in the service component, enabling code execution with...