Page 2 of 8 results (0.002 seconds)

CVSS: 7.5EPSS: 21%CPEs: 78EXPL: 0

Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure. • http://secunia.com/advisories/14396 http://securitytracker.com/id?1013289 http://securitytracker.com/id?1013290 http://www.securityfocus.com/bid/12643 http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution http://xforce.iss.net/xforce/alerts/id/189 •

CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0

Trend OfficeScan Corporate Edition 5.58 and possibly earler does not drop privileges when opening a help window from a virus detection pop-up window, which allows local users to gain SYSTEM privileges. • http://archives.neohapsis.com/archives/bugtraq/2004-06/0117.html http://secunia.com/advisories/11806 http://uk.trendmicro-europe.com/enterprise/support/knowledge_base_detail.php?solutionId=20118 http://www.osvdb.org/6840 http://www.securityfocus.com/bid/10503 https://exchange.xforce.ibmcloud.com/vulnerabilities/16375 •

CVSS: 4.6EPSS: 0%CPEs: 7EXPL: 1

Trend Micro OfficeScan 3.0 - 6.0 has default permissions of "Everyone Full Control" on the installation directory and registry keys, which allows local users to disable virus protection. • http://marc.info/?l=bugtraq&m=108395366909344&w=2 http://secunia.com/advisories/11576 http://www.osvdb.org/5990 http://www.securityfocus.com/bid/10300 https://exchange.xforce.ibmcloud.com/vulnerabilities/16092 •