CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2008-1366
https://notcve.org/view.php?id=CVE-2008-1366
17 Mar 2008 — Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and earlier, and 7.3 Patch 3 build 1314 and earlier, allows remote attackers to cause a denial of service (process consumption) via (1) an HTTP request without a Content-Length header or (2) invalid characters in unspecified CGI arguments, which triggers a NULL pointer dereference. Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 y anteriores y 7.3 Patch 3 build 1314 y anteriores, permiten a atacantes remotos provocar una denegac... • http://aluigi.altervista.org/adv/officescaz-adv.txt • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 77%CPEs: 2EXPL: 0CVE-2007-3454
https://notcve.org/view.php?id=CVE-2007-3454
27 Jun 2007 — Stack-based buffer overflow in CGIOCommon.dll before 8.0.0.1042 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote attackers to execute arbitrary code via long crafted requests, as demonstrated using a long session cookie to unspecified CGI programs that use this library. Un desbordamiento de búfer en la región stack de la memoria en la biblioteca CGIOCommon.dll versiones anteriores a 8.0.0.1042 en Trend Micro OfficeScan Corporate Edition versión 8.0, permite a atacantes remotos ejecutar código a... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=559 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 19%CPEs: 1EXPL: 0CVE-2007-3455
https://notcve.org/view.php?id=CVE-2007-3455
27 Jun 2007 — cgiChkMasterPwd.exe before 8.0.0.142 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote attackers to bypass the password requirement and gain access to the Management Console via an empty hash and empty encrypted password string, related to "stored decrypted user logon information." El archivo cgiChkMasterPwd.exe versiones anteriores a 8.0.0.142 en Trend Micro OfficeScan Corporate Edition versión 8.0, permite a atacantes remotos omitir el requisito de contraseña y conseguir acceso a la Consola de... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=558 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 89%CPEs: 3EXPL: 1CVE-2007-0325 – Trend Micro OfficeScan - Client ActiveX Control Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-0325
20 Feb 2007 — Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 before Build 1197, allow remote attackers to execute arbitrary code via a crafted HTML document. Múltiples desbordamientos de búfer en el control ActiveX Trend Micro OfficeScan Web-Deployment SetupINICtrl en OfficeScanSetupINI.dll, como ha sido usado en OfficeS... • https://www.exploit-db.com/exploits/16535 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 89%CPEs: 118EXPL: 0CVE-2007-0851
https://notcve.org/view.php?id=CVE-2007-0851
08 Feb 2007 — Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable. Un desbordamiento de búfer en Trend Micro Scan Engine versiones 8.000 y 8.300 anteriores al archivo de patrones de virus versión 4.245.00, tal y como es usado en otros productos como Cyber Clean Center (CCC) Cleaner, permite a atacantes remotos ejecuta... • http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289 •
CVSS: 7.8EPSS: 1%CPEs: 3EXPL: 0CVE-2006-6458
https://notcve.org/view.php?id=CVE-2006-6458
11 Dec 2006 — The Trend Micro scan engine before 8.320 for Windows and before 8.150 on HP-UX and AIX, as used in Trend Micro PC Cillin - Internet Security 2006, Office Scan 7.3, and Server Protect 5.58, allows remote attackers to cause a denial of service (CPU consumption and system hang) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero, which triggers an infinite loop. El motor de escaneo de Trend Micro anterior a 8.320 para Windows y anterior a 8.150 en HP-U... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439 •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 0CVE-2006-6179
https://notcve.org/view.php?id=CVE-2006-6179
30 Nov 2006 — Buffer overflow in PCCSRV\Web_console\RemoteInstallCGI\CgiRemoteInstall.exe for Trend Micro OfficeScan 7.3 before build 7.3.0.1089 allows remote attackers to execute arbitrary code via unknown attack vectors. Desbordamiento de búfer en PCCSRV\Web_console\RemoteInstallCGI\CgiRemoteInstall.exe para el Trend Micro OfficeScan 7.3 anterior a la versión 7.3.0.1089, permite a atacantes remotos ejecutar código de su elección a través de vectores de ataque desconocidos. • http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1031753 •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 0CVE-2006-6178
https://notcve.org/view.php?id=CVE-2006-6178
30 Nov 2006 — Buffer overflow in PCCSRV\Web_console\RemoteInstallCGI\Wizard.exe for Trend Micro OfficeScan 7.3 before build 7.3.0.1087 allows remote attackers to execute arbitrary code via unknown attack vectors. Desbordamiento de búfer en PCCSRV\Web_console\RemoteInstallCGI\Wizard.exe para Trend Micro OfficeScan 7.3 anterior a build 7.3.0.1087 permite a atacantes remotos ejecutar código de su elección mediante vectores de ataque no especificados. • http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1031702 •
CVSS: 7.5EPSS: 2%CPEs: 3EXPL: 0CVE-2006-5211
https://notcve.org/view.php?id=CVE-2006-5211
09 Oct 2006 — Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to remove OfficeScan clients via a certain HTTP request that invokes the OfficeScan CGI program. Trend Micro OfficeScan 6.0 en Client/Server/Messaging (CSM) Suite para SMB 2.0 anetrior a 6.0.0.1385, y OfficeScan Corporate Edition (OSCE) 6.5 anterior a 6.5.0.1418, 7.0 anterior a 7... • http://secunia.com/advisories/22156 •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2006-5212
https://notcve.org/view.php?id=CVE-2006-5212
09 Oct 2006 — Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to delete files via a modified filename parameter in a certain HTTP request that invokes the OfficeScan CGI program. Trend Micro OfficeScan 6.0 en Client/Server/Messaging (CSM) Suite para SMB 2.0 anetrior a 6.0.0.1385, y OfficeScan Corporate Edition (OSCE) 6.5 anterior a 6.5.0.14... • http://secunia.com/advisories/22156 •