PT-2006-2389 · Trend Micro · Trend Micro Interscan Messaging Security Suite
Published
2006-03-24
·
Updated
2024-02-14
·
CVE-2006-1380
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Trend Micro InterScan Messaging Security Suite versions prior to 5.7.0.1121
Description
The issue concerns the ISNTSmtp directory in Trend Micro InterScan Messaging Security Suite, which uses insecure DACLs for critical files. This allows local users to gain SYSTEM privileges by modifying the
ISNTSysMonitor.exe file.Recommendations
For versions prior to 5.7.0.1121, update to version 5.7.0.1121 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Trend Micro Interscan Messaging Security Suite