CVSS: 6.2EPSS: 1%CPEs: 1EXPL: 0CVE-2010-0564
https://notcve.org/view.php?id=CVE-2010-0564
10 Feb 2010 — Buffer overflow in Trend Micro URL Filtering Engine (TMUFE) in OfficeScan 8.0 before SP1 Patch 5 - Build 3510, possibly tmufeng.dll before 3.0.0.1029, allows attackers to cause a denial of service (crash or OfficeScan hang) via unspecified vectors. NOTE: it is likely that this issue also affects tmufeng.dll before 2.0.0.1049 for OfficeScan 10.0. Desbordamiento de búfer en Trend Micro URL Filtering Engine (TMUFE) en OfficeScan v8.0 en versiones anteriores a SP1 Patch 5 - Build 3510, posiblemente tmufeng.dll ... • http://secunia.com/advisories/38396 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 29%CPEs: 9EXPL: 0CVE-2008-2437
https://notcve.org/view.php?id=CVE-2008-2437
16 Sep 2008 — Stack-based buffer overflow in cgiRecvFile.exe in Trend Micro OfficeScan 7.3 patch 4 build 1362 and other builds, OfficeScan 8.0 and 8.0 SP1, and Client Server Messaging Security 3.6 allows remote attackers to execute arbitrary code via an HTTP request containing a long ComputerName parameter. Desbordamiento de búfer basado en pila en cgiRecvFile.exe en Trend Micro OfficeScan 7.3 patch 4 build 1362 y otras, OfficeScan 8.0 y 8.0 SP1, y Client Server Messaging Security 3.6, permite a atacantes remotos ejecuta... • http://secunia.com/advisories/31342 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 12%CPEs: 4EXPL: 0CVE-2008-2433
https://notcve.org/view.php?id=CVE-2008-2433
27 Aug 2008 — The web management console in Trend Micro OfficeScan 7.0 through 8.0, Worry-Free Business Security 5.0, and Client/Server/Messaging Suite 3.5 and 3.6 creates a random session token based only on the login time, which makes it easier for remote attackers to hijack sessions via brute-force attacks. NOTE: this can be leveraged for code execution through an unspecified "manipulation of the configuration." La consola de administración web en Trend Micro OfficeScan 7.0 hasta 8.0, Worry-Free Business Security 5.0,... • http://secunia.com/advisories/31373 • CWE-330: Use of Insufficiently Random Values •
CVSS: 9.3EPSS: 73%CPEs: 3EXPL: 1CVE-2007-0325 – Trend Micro OfficeScan - Client ActiveX Control Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-0325
20 Feb 2007 — Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 before Build 1197, allow remote attackers to execute arbitrary code via a crafted HTML document. Múltiples desbordamientos de búfer en el control ActiveX Trend Micro OfficeScan Web-Deployment SetupINICtrl en OfficeScanSetupINI.dll, como ha sido usado en OfficeS... • https://www.exploit-db.com/exploits/16535 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 31%CPEs: 118EXPL: 0CVE-2007-0851
https://notcve.org/view.php?id=CVE-2007-0851
08 Feb 2007 — Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable. Un desbordamiento de búfer en Trend Micro Scan Engine versiones 8.000 y 8.300 anteriores al archivo de patrones de virus versión 4.245.00, tal y como es usado en otros productos como Cyber Clean Center (CCC) Cleaner, permite a atacantes remotos ejecuta... • http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289 •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2006-5211
https://notcve.org/view.php?id=CVE-2006-5211
09 Oct 2006 — Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to remove OfficeScan clients via a certain HTTP request that invokes the OfficeScan CGI program. Trend Micro OfficeScan 6.0 en Client/Server/Messaging (CSM) Suite para SMB 2.0 anetrior a 6.0.0.1385, y OfficeScan Corporate Edition (OSCE) 6.5 anterior a 6.5.0.1418, 7.0 anterior a 7... • http://secunia.com/advisories/22156 •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2006-5212
https://notcve.org/view.php?id=CVE-2006-5212
09 Oct 2006 — Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to delete files via a modified filename parameter in a certain HTTP request that invokes the OfficeScan CGI program. Trend Micro OfficeScan 6.0 en Client/Server/Messaging (CSM) Suite para SMB 2.0 anetrior a 6.0.0.1385, y OfficeScan Corporate Edition (OSCE) 6.5 anterior a 6.5.0.14... • http://secunia.com/advisories/22156 •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2005-3379
https://notcve.org/view.php?id=CVE-2005-3379
29 Oct 2005 — Multiple interpretation error in Trend Micro (1) PC-Cillin 2005 12.0.1244 with the 7.510.1002 engine and (2) OfficeScan 7.0 with the 7.510.1002 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE... • http://marc.info/?l=bugtraq&m=113026417802703&w=2 •
CVSS: 8.4EPSS: 7%CPEs: 78EXPL: 0CVE-2005-0533
https://notcve.org/view.php?id=CVE-2005-0533
24 Feb 2005 — Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure. • http://secunia.com/advisories/14396 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2004-2430
https://notcve.org/view.php?id=CVE-2004-2430
31 Dec 2004 — Trend OfficeScan Corporate Edition 5.58 and possibly earler does not drop privileges when opening a help window from a virus detection pop-up window, which allows local users to gain SYSTEM privileges. • http://archives.neohapsis.com/archives/bugtraq/2004-06/0117.html •