CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0CVE-2004-2430
https://notcve.org/view.php?id=CVE-2004-2430
Trend OfficeScan Corporate Edition 5.58 and possibly earler does not drop privileges when opening a help window from a virus detection pop-up window, which allows local users to gain SYSTEM privileges. • http://archives.neohapsis.com/archives/bugtraq/2004-06/0117.html http://secunia.com/advisories/11806 http://uk.trendmicro-europe.com/enterprise/support/knowledge_base_detail.php?solutionId=20118 http://www.osvdb.org/6840 http://www.securityfocus.com/bid/10503 https://exchange.xforce.ibmcloud.com/vulnerabilities/16375 •
CVSS: 4.6EPSS: 0%CPEs: 7EXPL: 1CVE-2004-2006
https://notcve.org/view.php?id=CVE-2004-2006
Trend Micro OfficeScan 3.0 - 6.0 has default permissions of "Everyone Full Control" on the installation directory and registry keys, which allows local users to disable virus protection. • http://marc.info/?l=bugtraq&m=108395366909344&w=2 http://secunia.com/advisories/11576 http://www.osvdb.org/5990 http://www.securityfocus.com/bid/10300 https://exchange.xforce.ibmcloud.com/vulnerabilities/16092 •
CVSS: 7.5EPSS: 7%CPEs: 13EXPL: 2CVE-2003-1341 – Trend Micro OfficeScan 3.x - CGI Directory Insufficient Permissions
https://notcve.org/view.php?id=CVE-2003-1341
The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe. • https://www.exploit-db.com/exploits/22171 http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0020.html http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13353 http://secunia.com/advisories/7881 http://www.osvdb.org/6181 http://www.securityfocus.com/bid/6616 https://exchange.xforce.ibmcloud.com/vulnerabilities/11059 • CWE-16: Configuration •