CVE-2006-1380

ISNTSmtp directory in Trend Micro InterScan Messaging Security Suite (IMSS) 5.5 build 1183 and possibly other versions before 5.7.0.1121, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying ISNTSysMonitor.exe.
Configurations

Configuration 1 (hide)

cpe:2.3:a:trendmicro:interscan_messaging_security_suite:5.5:*:*:*:*:*:*:*

History

21 Nov 2024, 00:08

Type Values Removed Values Added
References () http://secunia.com/advisories/19022 - Patch, Vendor Advisory () http://secunia.com/advisories/19022 - Patch, Vendor Advisory
References () http://www.secumind.net/content/french/modules/news/article.php?storyid=9&sel_lang=english - URL Repurposed () http://www.secumind.net/content/french/modules/news/article.php?storyid=9&sel_lang=english - URL Repurposed
References () http://www.vupen.com/english/advisories/2006/1041 - () http://www.vupen.com/english/advisories/2006/1041 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/25415 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/25415 -

14 Feb 2024, 01:17

Type Values Removed Values Added
References (MISC) http://www.secumind.net/content/french/modules/news/article.php?storyid=9&sel_lang=english - (MISC) http://www.secumind.net/content/french/modules/news/article.php?storyid=9&sel_lang=english - URL Repurposed

Information

Published : 2006-03-24 11:02

Updated : 2024-11-21 00:08


NVD link : CVE-2006-1380

Mitre link : CVE-2006-1380

CVE.ORG link : CVE-2006-1380


JSON object : View

Products Affected

trendmicro

  • interscan_messaging_security_suite
CWE
CWE-264

Permissions, Privileges, and Access Controls