CVE-2003-1343

Published: Dec 31, 2003Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door account in smg_Smxcfg30.exe, which allows remote attackers to gain access to the web management interface via the vcc parameter, possibly "3560121183d3".

Affected (2)

Products: Trend Micro: Scanmail

Trend Micro

1 product

Scanmail

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Trend Micro Scanmail	Up to 3.8
Trend Micro Scanmail	Up to 6.0

Related CWEs

CWE-287

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (10)

http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0021.html

Source: cve@mitre.org

http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13352

Source: cve@mitre.org

http://secunia.com/advisories/7881

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/6619

Source: cve@mitre.org

ExploitPatch

https://exchange.xforce.ibmcloud.com/vulnerabilities/11061

Source: cve@mitre.org

http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0021.html