CVSS: 6.2EPSS: 1%CPEs: 1EXPL: 0CVE-2010-0564
https://notcve.org/view.php?id=CVE-2010-0564
10 Feb 2010 — Buffer overflow in Trend Micro URL Filtering Engine (TMUFE) in OfficeScan 8.0 before SP1 Patch 5 - Build 3510, possibly tmufeng.dll before 3.0.0.1029, allows attackers to cause a denial of service (crash or OfficeScan hang) via unspecified vectors. NOTE: it is likely that this issue also affects tmufeng.dll before 2.0.0.1049 for OfficeScan 10.0. Desbordamiento de búfer en Trend Micro URL Filtering Engine (TMUFE) en OfficeScan v8.0 en versiones anteriores a SP1 Patch 5 - Build 3510, posiblemente tmufeng.dll ... • http://secunia.com/advisories/38396 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 40%CPEs: 2EXPL: 0CVE-2008-3862
https://notcve.org/view.php?id=CVE-2008-3862
23 Oct 2008 — Stack-based buffer overflow in CGI programs in the server in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1374, and 8.0 SP1 Patch 1 before build 3110, allows remote attackers to execute arbitrary code via an HTTP POST request containing crafted form data, related to "parsing CGI requests." Desbordamiento de búfer basado en pila en el programa CGI en el servidor de Trend Micro OfficeScan 7.3 Patch 4 build 1367 y otras compilaciones anteriores a 1374, y 8.0 SP1 Patch 1 compilaciones a... • http://secunia.com/advisories/32005 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 44%CPEs: 4EXPL: 1CVE-2008-2439 – TrendMicro OfficeScanNT Listener Traversal Arbitrary File Access
https://notcve.org/view.php?id=CVE-2008-2439
03 Oct 2008 — Directory traversal vulnerability in the UpdateAgent function in TmListen.exe in the OfficeScanNT Listener service in the client in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1372, OfficeScan 8.0 SP1 before build 1222, OfficeScan 8.0 SP1 Patch 1 before build 3087, and Worry-Free Business Security 5.0 before build 1220 allows remote attackers to read arbitrary files via directory traversal sequences in an HTTP request. NOTE: some of these details are obtained from third party infor... • https://packetstorm.news/files/id/180805 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 29%CPEs: 9EXPL: 0CVE-2008-2437
https://notcve.org/view.php?id=CVE-2008-2437
16 Sep 2008 — Stack-based buffer overflow in cgiRecvFile.exe in Trend Micro OfficeScan 7.3 patch 4 build 1362 and other builds, OfficeScan 8.0 and 8.0 SP1, and Client Server Messaging Security 3.6 allows remote attackers to execute arbitrary code via an HTTP request containing a long ComputerName parameter. Desbordamiento de búfer basado en pila en cgiRecvFile.exe en Trend Micro OfficeScan 7.3 patch 4 build 1362 y otras, OfficeScan 8.0 y 8.0 SP1, y Client Server Messaging Security 3.6, permite a atacantes remotos ejecuta... • http://secunia.com/advisories/31342 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 12%CPEs: 4EXPL: 0CVE-2008-2433
https://notcve.org/view.php?id=CVE-2008-2433
27 Aug 2008 — The web management console in Trend Micro OfficeScan 7.0 through 8.0, Worry-Free Business Security 5.0, and Client/Server/Messaging Suite 3.5 and 3.6 creates a random session token based only on the login time, which makes it easier for remote attackers to hijack sessions via brute-force attacks. NOTE: this can be leveraged for code execution through an unspecified "manipulation of the configuration." La consola de administración web en Trend Micro OfficeScan 7.0 hasta 8.0, Worry-Free Business Security 5.0,... • http://secunia.com/advisories/31373 • CWE-330: Use of Insufficiently Random Values •
CVSS: 9.8EPSS: 55%CPEs: 1EXPL: 1CVE-2008-3364 – Trend Micro OfficeScan - ObjRemoveCtrl ActiveX Control Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-3364
30 Jul 2008 — Buffer overflow in the ObjRemoveCtrl Class ActiveX control in OfficeScanRemoveCtrl.dll 7.3.0.1020 in Trend Micro OfficeScan Corp Edition (OSCE) Web-Deployment 7.0, 7.3 build 1343 Patch 4 and other builds, and 8.0; Client Server Messaging Security (CSM) 3.5 and 3.6; and Worry-Free Business Security (WFBS) 5.0 allows remote attackers to execute arbitrary code via a long string in the Server property, and possibly other properties. NOTE: some of these details are obtained from third party information. Un desbo... • https://www.exploit-db.com/exploits/6152 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 19%CPEs: 2EXPL: 0CVE-2007-3454
https://notcve.org/view.php?id=CVE-2007-3454
27 Jun 2007 — Stack-based buffer overflow in CGIOCommon.dll before 8.0.0.1042 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote attackers to execute arbitrary code via long crafted requests, as demonstrated using a long session cookie to unspecified CGI programs that use this library. Un desbordamiento de búfer en la región stack de la memoria en la biblioteca CGIOCommon.dll versiones anteriores a 8.0.0.1042 en Trend Micro OfficeScan Corporate Edition versión 8.0, permite a atacantes remotos ejecutar código a... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=559 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 35%CPEs: 118EXPL: 0CVE-2007-0851
https://notcve.org/view.php?id=CVE-2007-0851
08 Feb 2007 — Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable. Un desbordamiento de búfer en Trend Micro Scan Engine versiones 8.000 y 8.300 anteriores al archivo de patrones de virus versión 4.245.00, tal y como es usado en otros productos como Cyber Clean Center (CCC) Cleaner, permite a atacantes remotos ejecuta... • http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2006-6458
https://notcve.org/view.php?id=CVE-2006-6458
11 Dec 2006 — The Trend Micro scan engine before 8.320 for Windows and before 8.150 on HP-UX and AIX, as used in Trend Micro PC Cillin - Internet Security 2006, Office Scan 7.3, and Server Protect 5.58, allows remote attackers to cause a denial of service (CPU consumption and system hang) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero, which triggers an infinite loop. El motor de escaneo de Trend Micro anterior a 8.320 para Windows y anterior a 8.150 en HP-U... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439 •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2006-6178
https://notcve.org/view.php?id=CVE-2006-6178
30 Nov 2006 — Buffer overflow in PCCSRV\Web_console\RemoteInstallCGI\Wizard.exe for Trend Micro OfficeScan 7.3 before build 7.3.0.1087 allows remote attackers to execute arbitrary code via unknown attack vectors. Desbordamiento de búfer en PCCSRV\Web_console\RemoteInstallCGI\Wizard.exe para Trend Micro OfficeScan 7.3 anterior a build 7.3.0.1087 permite a atacantes remotos ejecutar código de su elección mediante vectores de ataque no especificados. • http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1031702 •