Vulnerabilities (CVE)

Filtered by vendor Trendmicro Subscribe
Filtered by product Interscan Web Security Suite
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-0613 1 Trendmicro 1 Interscan Web Security Suite 2024-11-21 6.0 MEDIUM N/A
Trend Micro InterScan Web Security Suite (IWSS) 3.1 before build 1237 allows remote authenticated Auditor and Report Only users to bypass intended permission settings, and modify the system configuration, via requests to unspecified JSP pages.
CVE-2009-0612 1 Trendmicro 2 Interscan Web Security Suite, Interscan Web Security Virtual Appliance 2024-11-21 4.3 MEDIUM N/A
Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 3.x and InterScan Web Security Suite (IWSS) 3.x, when basic authorization is enabled on the standalone proxy, forwards the Proxy-Authorization header from Windows Media Player, which allows remote web servers to obtain credentials by offering a media stream and then capturing this header.