CVE-2009-0613

Published: Feb 17, 2009Modified: Apr 23, 2026

6.0

Vector

AV:N/AC:M/Au:S/C:P/I:P/A:P

Exploitability: 6.8 / Impact: 6.4

Source: NVD

Description

Trend Micro InterScan Web Security Suite (IWSS) 3.1 before build 1237 allows remote authenticated Auditor and Report Only users to bypass intended permission settings, and modify the system configuration, via requests to unspecified JSP pages.

Affected (1)

Products: Trendmicro: Interscan Web Security Suite

Trendmicro

1 product

Interscan Web Security Suite

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Trendmicro Interscan Web Security Suite	Version 3.1

Related CWEs

CWE-264

References (8)

http://secunia.com/advisories/33867

Source: cve@mitre.org

Vendor Advisory

http://www.securitytracker.com/id?1021694

Source: cve@mitre.org

http://www.trendmicro.com/ftp/documentation/readme/iwss_31_win_en_readme_CP_1237_EN.txt

Source: cve@mitre.org

Vendor Advisory

http://www.vupen.com/english/advisories/2009/0369

Source: cve@mitre.org

http://secunia.com/advisories/33867

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securitytracker.com/id?1021694

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.trendmicro.com/ftp/documentation/readme/iwss_31_win_en_readme_CP_1237_EN.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.vupen.com/english/advisories/2009/0369

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.