The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of TrendMicro IWSS

Trend Micro InterScan Web Security: file reading via AdminUI
An attacker can read files via the administration Web application of Trend Micro InterScan Web Security, in order to obtain sensitive information...
CVE-2014-8510, VIGILANCE-VUL-15610, ZDI-14-373
OpenSSL: man in the middle via ChangeCipherSpec
An attacker can act as a man in the middle between a client and a server using OpenSSL, in order to read or alter exchanged data...
1676496, 1690827, aid-06062014, c04336637, c04347622, c04363613, CERTFR-2014-AVI-253, CERTFR-2014-AVI-254, CERTFR-2014-AVI-255, CERTFR-2014-AVI-260, CERTFR-2014-AVI-274, CERTFR-2014-AVI-279, CERTFR-2014-AVI-286, CERTFR-2014-AVI-513, cisco-sa-20140605-openssl, cpuoct2016, CTX140876, CVE-2014-0224, DOC-53313, DSA-2950-1, DSA-2950-2, FEDORA-2014-17576, FEDORA-2014-17587, FEDORA-2014-7101, FEDORA-2014-7102, FG-IR-14-018, FreeBSD-SA-14:14.openssl, HPSBHF03052, HPSBUX03046, JSA10629, MDVSA-2014:105, MDVSA-2014:106, MDVSA-2015:062, NetBSD-SA2014-006, openSUSE-SU-2014:0764-1, openSUSE-SU-2014:0765-1, openSUSE-SU-2015:0229-1, openSUSE-SU-2016:0640-1, RHSA-2014:0624-01, RHSA-2014:0625-01, RHSA-2014:0626-01, RHSA-2014:0627-01, RHSA-2014:0628-01, RHSA-2014:0629-01, RHSA-2014:0630-01, RHSA-2014:0631-01, RHSA-2014:0632-01, RHSA-2014:0633-01, RHSA-2014:0679-01, RHSA-2014:0680-01, SA40006, SA80, SB10075, sk101186, SOL15325, SPL-85063, SSA:2014-156-03, SSA-234763, SSRT101590, SUSE-SU-2014:0759-1, SUSE-SU-2014:0759-2, SUSE-SU-2014:0761-1, SUSE-SU-2014:0762-1, SUSE-SU-2019:14246-1, USN-2232-1, USN-2232-2, USN-2232-3, USN-2232-4, VIGILANCE-VUL-14844, VMSA-2014-0006, VMSA-2014-0006.1, VMSA-2014-0006.10, VMSA-2014-0006.11, VMSA-2014-0006.2, VMSA-2014-0006.3, VMSA-2014-0006.4, VMSA-2014-0006.5, VMSA-2014-0006.6, VMSA-2014-0006.7, VMSA-2014-0006.8, VMSA-2014-0006.9, VU#978508
Trend Micro InterScan Web Security Suite: privilege elevation
A local attacker can use the patchCmd program of Trendmicro InterScan Web Security Suite, in order to gain root privileges...
BID-50380, VIGILANCE-VUL-11103
Trend Micro InterScan Web Security: five vulnerabilities
Five vulnerabilities of Trend Micro InterScan Web Security Virtual Appliance can be used by an attacker to read/alter information or to execute code...
BID-41039, BID-41072, BID-41296, CYBSEC Advisory#2010-0604, CYBSEC Advisory#2010-0605, CYBSEC Advisory#2010-0606, CYBSEC Advisory#2010-0701, VIGILANCE-VUL-9726
Trend Micro: bypassing via RAR, CAB and ZIP
An attacker can create a RAR, CAB or ZIP archive containing a virus which is not detected by Trend Micro...
BID-34763, TZO-17-2009, VIGILANCE-VUL-8683
InterScan Web Security Suite: obtaining password
When an authentication is configured for Trend Micro InterScan Web Security Suite, an attacker can obtain the login and the password of the user...
BID-33687, CVE-2009-0612, VIGILANCE-VUL-8457
InterScan Web Security Suite: privilege elevation
A local attacker can change the configuration of Trend Micro InterScan Web Security Suite...
BID-33679, CVE-2009-0613, VIGILANCE-VUL-8454
Trend Micro AntiVirus scan engine: buffer overflow in Tmxpflt.sys
A local attacker can run code on the system by exploiting a buffer overflow of Trend Micro AntiVirus scan engine...
1036190, CERTA-2007-AVI-456, CVE-2007-4277, VIGILANCE-VUL-7285
Our database contains other pages. You can request a free trial to read them.

Display information about TrendMicro IWSS: