ISNTSmtp directory in Trend Micro InterScan Messaging Security Suite (IMSS) 5.5 build 1183 and possibly other versions before 5.7.0.1121, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying ISNTSysMonitor.exe.
References
Configurations
History
21 Nov 2024, 00:08
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/19022 - Patch, Vendor Advisory | |
References | () http://www.secumind.net/content/french/modules/news/article.php?storyid=9&sel_lang=english - URL Repurposed | |
References | () http://www.vupen.com/english/advisories/2006/1041 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/25415 - |
14 Feb 2024, 01:17
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) http://www.secumind.net/content/french/modules/news/article.php?storyid=9&sel_lang=english - URL Repurposed |
Information
Published : 2006-03-24 11:02
Updated : 2024-11-21 00:08
NVD link : CVE-2006-1380
Mitre link : CVE-2006-1380
CVE.ORG link : CVE-2006-1380
JSON object : View
Products Affected
trendmicro
- interscan_messaging_security_suite
CWE
CWE-264
Permissions, Privileges, and Access Controls