CVE-2018-6220

An arbitrary file write vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to inject arbitrary data, which may lead to gaining code execution on vulnerable systems.
References
Link Resource
https://success.trendmicro.com/solution/1119349 Patch Vendor Advisory
https://www.coresecurity.com/advisories/trend-micro-email-encryption-gateway-multiple-vulnerabilities Exploit Technical Description Third Party Advisory
https://www.exploit-db.com/exploits/44166/ Exploit Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:trendmicro:email_encryption_gateway:5.5:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-03-15 19:29

Updated : 2024-02-28 16:25


NVD link : CVE-2018-6220

Mitre link : CVE-2018-6220

CVE.ORG link : CVE-2018-6220


JSON object : View

Products Affected

trendmicro

  • email_encryption_gateway
CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')