Severity: : Critical
  Advisory Date: 21 de июля de 2015

  DESCRIPTION

IceWarp Mail Server is prone to multiple cross-site scripting vulnerabilities and an XML external entity injection vulnerability. Attackers may exploit these issues to execute arbitrary script code in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials and obtain potentially sensitive information from local files; other attacks are also possible.

  INFORMATION EXPOSURE

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1000552