Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2995


Vulnerability Score 4.3 4.3
CVE Id CVE-2012-2995
Last Modified 12 Apr 2013 10:54:56
Published 17 Sep 2012 10:55:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro InterScan Messaging Security Suite 7.1-Build_Win32_1394 allow remote attackers to inject arbitrary web script or HTML via (1) the wrsApprovedURL parameter to addRuleAttrWrsApproveUrl.imss or (2) the src parameter to initUpdSchPage.imss.

Vulnerable Systems


  • Trendmicro Interscan Messaging Security Suite 7.1


CERT-VN - VU#471364

SECTRACK - 1027544

SECUNIA - 50620

Last Updated: 27 May 2016 11:00:44