Interscan Messaging Security Virtual Appliance@9.1 Security Vulnerabilities and Issues — Interscan Messaging Security Virtual Appliance@9.1 CVE List

Lucene search

TrendmicroInterscan Messaging Security Virtual Appliance9.1

4 matches found

CVE•added 2021/03/03 4:15 p.m.•46 views

CVE-2021-25252

Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.

5.5CVSS5.4AI score0.00063EPSS

CVE•added 2017/08/03 3:29 p.m.•35 views

CVE-2017-11391

Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the "t" parameter within modTMCSS Proxy. Formerly ZDI-CAN-4744.

8.8CVSS9AI score0.12628EPSS

CVE•added 2017/08/03 3:29 p.m.•32 views

CVE-2017-11392

Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the "T" parameter within modTMCSS Proxy. Formerly ZDI-CAN-4745.

8.8CVSS9AI score0.06769EPSS

CVE•added 2018/02/16 10:29 p.m.•31 views

CVE-2018-3609

A vulnerability in the Trend Micro InterScan Messaging Security Virtual Appliance 9.0 and 9.1 management portal could allow an unauthenticated user to access sensitive information in a particular log file that could be used to bypass authentication on vulnerable installations.

8.1CVSS8AI score0.26234EPSS