Date Disclosed:
9/13/2012
Date Patched:
Patch not available.
Vendor:
Trend Micro
Affected Software:
Trend Micro InterScan Messaging Security Suite Version 7.1-Build_Win32_1394
Description:
InterScan Messaging Security Suite is vulnerable to multiple cross-site scripting vulnerabilities and a cross-site request forgery vulnerability. These could be used by an attacker to execute an arbitrary script in the context of a logged in user.
Severity:
Moderate
Code Execution:
Yes: arbitrary scripts can be executed.
Impact:
No mitigation is currently available.
Protection:
BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.
Status:
2012-09-13: Original Disclosure
9/13/2012
Date Patched:
Patch not available.
Vendor:
Trend Micro
Affected Software:
Trend Micro InterScan Messaging Security Suite Version 7.1-Build_Win32_1394
Description:
Severity:
Moderate
Code Execution:
Yes: arbitrary scripts can be executed.
Impact:
Arbitrary script execution
Attackers that successfully exploit this vulnerability will be able to execute scripts within the context of a currently logged in user. This could be used by attackers to perform unauthorized actions on behalf of target users.
Mitigation:No mitigation is currently available.
Protection:
BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.
- 17182 - Trend Micro InterScan Messaging Multiple Vulnerabilities (Zero-Day)
- 17183 - Trend Micro InterScan Messaging Multiple Vulnerabilities (Zero-Day) - x64
Status:
2012-09-13: Original Disclosure
0 nhận xét:
Đăng nhận xét