RSS   Vulnerabilities for 'Scanmail'   RSS

2017-12-15
 
CVE-2017-14093

CWE-79
 

 
The Log Query and Quarantine Query pages in Trend Micro ScanMail for Exchange 12.0 are vulnerable to cross site scripting (XSS) attacks.

 
 
CVE-2017-14092

CWE-352
 

 
The absence of Anti-CSRF tokens in Trend Micro ScanMail for Exchange 12.0 web interface forms could allow an attacker to submit authenticated requests when an authenticated user browses an attacker-controlled domain.

 
 
CVE-2017-14091

CWE-345
 

 
A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which certain specific installations that utilize a uncommon feature - Other Update Sources - could be exploited to overwrite sensitive files in the ScanMail for Exchange directory.

 
 
CVE-2017-14090

CWE-326
 

 
A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which some communications to the update servers are not encrypted.

 

 >>> Vendor: Trendmicro 26 Products
Internet security
Officescan
Trend micro internet security
Housecall
Trend micro antivirus
Internet security 2010
Interscan messaging security suite
Interscan messaging security virtual appliance
Interscan web security virtual appliance
Tmeext.sys
Maximum security
Premium security
Antivirus+
Mobile security
Threat discovery appliance
Serverprotect
Deep discovery director
Control manager
Deep discovery email inspector
Trend micro control manager
Smart protection server
Web security virtual appliance
Officescan xg
Scanmail
Encryption for email
Email encryption gateway


Copyright 2018, cxsecurity.com

 

Back to Top