CVE-2017-6338
published 2017-04-05CVE-2017-6338: Multiple Access Control issues in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 allow an authenticated, remote user with low…
PriorityP344medium6.5CVSS 3.0
AVNACLPRLUINSUCNIHAN
EXPLOIT
EPSS
3.92%
89.0th percentile
Multiple Access Control issues in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 allow an authenticated, remote user with low privileges like 'Reports Only' or 'Auditor' to change FTP Access Control Settings, create or modify reports, or upload an HTTPS Decryption Certificate and Private Key.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| trendmicro | interscan_web_security_virtual_appliance | <= 6.5 | — |
CVSS provenance
nvdv3.06.5MEDIUMCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:N/I:P/A:N
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Microsoft Windows - Uniscribe Font Processing Heap Memory Corruption in 'USP10!otlCacheManager::GlyphsSubstituted' (MS17-011)
exploitdb·2017-03-20
CVE-2017-0086 Microsoft Windows - Uniscribe Font Processing Heap Memory Corruption in 'USP10!otlCacheManager::GlyphsSubstituted' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap Memory Corruption in 'USP10!otlCacheManager::GlyphsSubstituted' (MS17-011)
---
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1025
We have encountered a crash in the Windows Uniscribe user-mode library, in the memset() function called by USP10!otlCacheManager::GlyphsSubstituted, while trying to display text using a corrupted font file:
---
(449c.6338): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=092ac250 ebx=092ac230 ecx=00000784 edx=00000074 esi=0028ea6c edi=092affd0
eip=76bc9c8d esp=0028e978 ebp=0028e97c iopl=0 nv up ei pl nz na pe nc
cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00010206
ms
Exploit-DB
Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 SP2 - Multiple Vulnerabilities
exploitdb·2017-01-12·CVSS 6.5
CVE-2017-6340 [MEDIUM] Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 SP2 - Multiple Vulnerabilities
Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 SP2 - Multiple Vulnerabilities
---
# Exploit Title: [Trend Micro Interscan Web Security Virtual Appliance (IWSVA) 6.5.x Multiple Vulnerabilities]
# Date: [12/01/2017]
# Exploit Author: [SlidingWindow] , Twitter: @Kapil_Khot
# Vendor Homepage: [http://www.trendmicro.com/us/enterprise/network-security/interscan-web-security/virtual-appliance/]
# Version: [Tested on IWSVA 6.5-SP2 Critical Patch Build 1739 and prior versions in 6.5.x series. Older versions may also be affected]
# Tested on: [IWSVA 6.5-SP2 Critical Patch Build 1739]
# CVE : [CVE-2017-6338,CVE-2017-6339,CVE-2017-6340]
# Vendor Security Bulletin: https://success.trendmicro.com/solution/1116960
#Product:-
Trend Micro ‘InterScan Web Security Virtual Appliance (IWSV
No writeups or analysis indexed.
http://www.securityfocus.com/bid/97482https://success.trendmicro.com/solution/1116960https://www.qualys.com/2017/01/12/qsa-2017-01-12/qsa-2017-01-12.pdfhttp://www.securityfocus.com/bid/97482https://success.trendmicro.com/solution/1116960https://www.qualys.com/2017/01/12/qsa-2017-01-12/qsa-2017-01-12.pdf
2017-04-05
Published