3 matches found
CVE-2012-2995
CVE-2012-2995 describes cross-site scripting vulnerabilities in Trend Micro InterScan Messaging Security Suite version 7.1-Build_Win32_1394. The stored XSS can be triggered via wrsApprovedURL in addRuleAttrWrsApproveUrl.imss, while non-persistent/reflected XSS can be triggered via src in initUpdS...
CVE-2006-1380
The CVE-2006-1380 issue affects Trend Micro InterScan Messaging Security Suite (IMSS) prior to 5.7.0.1121. The ISNTSmtp directory uses insecure DACLs on critical files, enabling local users to gain SYSTEM privileges by modifying ISNTSysMonitor.exe. Affected versions include IMSS 5.5 build 1183 an...
CVE-2012-2996
CVE-2012-2996 affects Trend Micro InterScan Messaging Security Suite 7.1-Build_Win32_1394. The vulnerability is a Cross-Site Request Forgery (CSRF) in saveAccountSubTab.imss that enables exploitation via a saveAuth action to hijack administrator authentication and create new admin accounts. Root ...