JVNVU#94115268: Trend Micro InterScan Web Security Virtual Appliance (IWSVA) vulnerable to cross-site scripting

Overview

Trend Micro Incorporated has released a security update for InterScan Web Security Virtual Appliance (IWSVA).

Products Affected

InterScan Web Security Virtual Appliance (IWSVA) Version 6.5 SP2

Description

Trend Micro Incorporated has released a security update for InterScan Web Security Virtual Appliance (IWSVA).

Impact

A user may be redirected to an arbitrary website due to the reflected cross-site scripting vulnerability.
For more information, refer to the information provided by the developer.

Solution

Apply the Patch
Apply the appropriate patch according to the information provided by the developer.

Vendor Status

Vendor	Link
Trend Micro Incorporated	SECURITY BULLETIN: Trend Micro InterScan Web Security Virtual Appliance 6.5 Reflected XSS Vulnerability

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solutions through JVN.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE
JVN iPedia

JVNVU#94115268 Trend Micro InterScan Web Security Virtual Appliance (IWSVA) vulnerable to cross-site scripting