CVE-2018-6220

An arbitrary file write vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to inject arbitrary data, which may lead to gaining code execution on vulnerable systems.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:trendmicro:email_encryption_gateway:5.5:*:*:*:*:*:*:*

History

21 Nov 2024, 04:10

Type Values Removed Values Added
References () https://success.trendmicro.com/solution/1119349 - Patch, Vendor Advisory () https://success.trendmicro.com/solution/1119349 - Patch, Vendor Advisory
References () https://www.coresecurity.com/advisories/trend-micro-email-encryption-gateway-multiple-vulnerabilities - Exploit, Technical Description, Third Party Advisory () https://www.coresecurity.com/advisories/trend-micro-email-encryption-gateway-multiple-vulnerabilities - Exploit, Technical Description, Third Party Advisory
References () https://www.exploit-db.com/exploits/44166/ - Exploit, Third Party Advisory, VDB Entry () https://www.exploit-db.com/exploits/44166/ - Exploit, Third Party Advisory, VDB Entry

Information

Published : 2018-03-15 19:29

Updated : 2024-11-21 04:10


NVD link : CVE-2018-6220

Mitre link : CVE-2018-6220

CVE.ORG link : CVE-2018-6220


JSON object : View

Products Affected

trendmicro

  • email_encryption_gateway
CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')