CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 2CVE-2003-1343 – Trend Micro ScanMail For Exchange 3.8 - Authentication Bypass
https://notcve.org/view.php?id=CVE-2003-1343
Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door account in smg_Smxcfg30.exe, which allows remote attackers to gain access to the web management interface via the vcc parameter, possibly "3560121183d3". • https://www.exploit-db.com/exploits/22174 http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0021.html http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13352 http://secunia.com/advisories/7881 http://www.securityfocus.com/bid/6619 https://exchange.xforce.ibmcloud.com/vulnerabilities/11061 • CWE-287: Improper Authentication •
CVSS: 5.0EPSS: 13%CPEs: 3EXPL: 1CVE-2003-1342 – Trend Micro Virus Control System 1.8 - Denial of Service
https://notcve.org/view.php?id=CVE-2003-1342
Trend Micro Virus Control System (TVCS) 1.8 running with IIS allows remote attackers to cause a denial of service (memory consumption) in IIS via multiple URL requests for ActiveSupport.exe. • https://www.exploit-db.com/exploits/22172 http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0020.html http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0021.html http://secunia.com/advisories/7881 http://www.osvdb.org/6185 http://www.securityfocus.com/bid/6617 https://exchange.xforce.ibmcloud.com/vulnerabilities/11060 • CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 2CVE-2003-1344 – Trend Micro Virus Control System 1.8 - Information Disclosure
https://notcve.org/view.php?id=CVE-2003-1344
Trend Micro Virus Control System (TVCS) Log Collector allows remote attackers to obtain usernames, encrypted passwords, and other sensitive information via a URL request for getservers.exe with the action parameter set to "selects1", which returns log files. • https://www.exploit-db.com/exploits/22173 http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0021.html http://secunia.com/advisories/7881 http://www.securityfocus.com/bid/6618 https://exchange.xforce.ibmcloud.com/vulnerabilities/11063 • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 10%CPEs: 13EXPL: 2CVE-2003-1341 – Trend Micro OfficeScan 3.x - CGI Directory Insufficient Permissions
https://notcve.org/view.php?id=CVE-2003-1341
The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe. • https://www.exploit-db.com/exploits/22171 http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0020.html http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13353 http://secunia.com/advisories/7881 http://www.osvdb.org/6181 http://www.securityfocus.com/bid/6616 https://exchange.xforce.ibmcloud.com/vulnerabilities/11059 • CWE-16: Configuration •
CVSS: 7.5EPSS: 2%CPEs: 3EXPL: 0CVE-2003-0646
https://notcve.org/view.php?id=CVE-2003-0646
Multiple buffer overflows in ActiveX controls used by Trend Micro HouseCall 5.5 and 5.7, and Damage Cleanup Server 1.0, allow remote attackers to execute arbitrary code via long parameter strings. Múltiples desbordamientos de búfer en controles ActiveX usados por Trend Micro HouseCall 5.5 y 5.7, y Damage Cleanup Server 1.0, permite a atacantes remotos ejecutar código arbitrario mediante cadenas de parámetros largos. • http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionID=15274 http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/006488.html •