MEHTTPS picked up for CvE-2015-1635

Discussions on webmail and the Professional version.
Post Reply
R4LRetro
Posts: 36
Joined: Wed Mar 25, 2020 1:32 pm

MEHTTPS picked up for CvE-2015-1635

Post by R4LRetro »

This morning, Trend Micro quarantined and deleted MEHTTPS.exe, flagging it as a vulnerability with potential to exploit as per CvE-2015-1635. NIST lists the vulnerability here: https://nvd.nist.gov/vuln/detail/CVE-2015-1635

What I'd like to know is if I have a false positive or not? Is there something the devs need to patch?

MailEnable-Ian
Site Admin
Posts: 9738
Joined: Mon Mar 22, 2004 4:44 am
Location: Melbourne, Victoria, Australia

Re: MEHTTPS picked up for CvE-2015-1635

Post by MailEnable-Ian »

Hi,

What version of MailEnable Professional do you have installed? If not 10.39 then you need upgrade. If 10.39 then most likely a false positive.
Regards,

Ian Margarone
MailEnable Support

R4LRetro
Posts: 36
Joined: Wed Mar 25, 2020 1:32 pm

Re: MEHTTPS picked up for CvE-2015-1635

Post by R4LRetro »

Hi Ian,

I have 10.39 installed. I also have exceptions for MailEnable so I'm not sure why our A/V picked it up anyway. I just wanted to make sure it wasn't something more serious. Thank you!

Post Reply