|Check Point Reference:||CPAI-2012-787|
|Date Published:||16 Dec 2012|
|Protection Provided by:||
|Who is Vulnerable?|| Trend Micro InterScan Messaging Security Suite |
|Vulnerability Description||A cross-site-scripting vulnerability has been reported in Trend Micro InterScan Messaging Security Suite.|
|Vulnerability Details||The vulnerability is due to insufficient sanitization of HTTP request parameters. A remote attacker could exploit this vulnerability by enticing a target user to open a specially crafted link. Successful exploitation could allow an attacker to execute script code in the browser security context of the affected application.|
This protection will detect and block malicious cross-site-scripting in Trend Micro InterScan Messaging Security Suite.
- In the IPS tab, click Protections and find the Trend Micro InterScan Messaging Security Suite Cross-site Scripting protection using the Search tool and Edit the protection's settings.
- Install policy on all modules.
SmartView Tracker will log the following entries:
Attack Name: Trend Micro ServerProtect Protection Violation
Attack Information: Trend Micro InterScan Messaging Security Suite Cross-site Scripting