Freely subscribe to our NEWSLETTER

This bulletin was written by Vigil@nce : https://vigilance.fr/offer

SYNTHESIS OF THE VULNERABILITY

An attacker can use several vulnerabilities of Trend Micro
InterScan Messaging Security Virtual Appliance.

Impacted products: InterScan Messaging Security Suite.

Severity: 2/4.

Creation date: 07/10/2016.

DESCRIPTION OF THE VULNERABILITY

Several vulnerabilities were announced in Trend Micro InterScan
Messaging Security Virtual Appliance.

An attacker can deceive the user, in order to redirect him to a
malicious site. [severity:1/4; CVE-2016-4914]

An attacker can trigger a Cross Site Scripting, in order to run
JavaScript code in the context of the web site. [severity:2/4;
CVE-2016-4915]

An attacker can bypass security features, in order to escalate his
privileges. [severity:2/4; CVE-2016-4916]

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

https://vigilance.fr/vulnerability/Trend-Micro-InterScan-Messaging-Security-Virtual-Appliance-three-vulnerabilities-20799