CVE-2006-1380

high

Description

ISNTSmtp directory in Trend Micro InterScan Messaging Security Suite (IMSS) 5.5 build 1183 and possibly other versions before 5.7.0.1121, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying ISNTSysMonitor.exe.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/25415

http://www.vupen.com/english/advisories/2006/1041

http://www.secumind.net/content/french/modules/news/article.php?storyid=9&sel_lang=english

http://secunia.com/advisories/19022

Details

Source: Mitre, NVD

Published: 2006-03-24

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00069