CVSS: 9.8EPSS: 28%CPEs: 1EXPL: 0CVE-2006-5157
https://notcve.org/view.php?id=CVE-2006-5157
03 Oct 2006 — Format string vulnerability in the ActiveX control (ATXCONSOLE.OCX) in TrendMicro OfficeScan Corporate Edition (OSCE) before 7.3 Patch 1 allows remote attackers to execute arbitrary code via format string identifiers in the "Management Console's Remote Client Install name search". Vulnerabilidad de cadena de formato en el control ActiveX (ATXCONSOLE.OCX) en TrendMicro OfficeScan Corporate Edition (OSCE) anterior a 7.3 Patch 1 permite a atacantes remotos ejecutar código de su elección mediante identificadore... • http://secunia.com/advisories/22224 •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2006-1381
https://notcve.org/view.php?id=CVE-2006-1381
24 Mar 2006 — Trend Micro OfficeScan 5.5, and probably other versions before 6.5, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying tmlisten.exe. • http://secunia.com/advisories/11576 •
CVSS: 8.1EPSS: 1%CPEs: 2EXPL: 0CVE-2005-3379
https://notcve.org/view.php?id=CVE-2005-3379
29 Oct 2005 — Multiple interpretation error in Trend Micro (1) PC-Cillin 2005 12.0.1244 with the 7.510.1002 engine and (2) OfficeScan 7.0 with the 7.510.1002 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE... • http://marc.info/?l=bugtraq&m=113026417802703&w=2 •
CVSS: 8.4EPSS: 21%CPEs: 78EXPL: 0CVE-2005-0533
https://notcve.org/view.php?id=CVE-2005-0533
24 Feb 2005 — Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure. • http://secunia.com/advisories/14396 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2004-2430
https://notcve.org/view.php?id=CVE-2004-2430
31 Dec 2004 — Trend OfficeScan Corporate Edition 5.58 and possibly earler does not drop privileges when opening a help window from a virus detection pop-up window, which allows local users to gain SYSTEM privileges. • http://archives.neohapsis.com/archives/bugtraq/2004-06/0117.html •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 1CVE-2004-2006
https://notcve.org/view.php?id=CVE-2004-2006
07 May 2004 — Trend Micro OfficeScan 3.0 - 6.0 has default permissions of "Everyone Full Control" on the installation directory and registry keys, which allows local users to disable virus protection. • http://marc.info/?l=bugtraq&m=108395366909344&w=2 •
CVSS: 9.8EPSS: 6%CPEs: 13EXPL: 2CVE-2003-1341 – Trend Micro OfficeScan 3.x - CGI Directory Insufficient Permissions
https://notcve.org/view.php?id=CVE-2003-1341
31 Dec 2003 — The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe. • https://www.exploit-db.com/exploits/22171 • CWE-16: Configuration •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2002-1349 – Trend Micro PC-cillin 2000/2002/2003 - Mail Scanner Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-1349
18 Dec 2002 — Buffer overflow in pop3trap.exe for PC-cillin 2000, 2002, and 2003 allows local users to execute arbitrary code via a long input string to TCP port 110 (POP3). Desbordamiento de búfer en pop3trap.exe en PC-cillin 2000, 2002, y 2003 permite a usuarios locales la ejecución arbitraria de código mediante una cadena de caracteres larga de entrada en el puerto TCP 110 (POP3). • https://www.exploit-db.com/exploits/22082 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2001-1151
https://notcve.org/view.php?id=CVE-2001-1151
15 Oct 2001 — Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 allows remote attackers to access sensitive information from the hotdownload directory without authentication, such as the ofcscan.ini configuration file, which contains a weakly encrypted password. • http://www.securityfocus.com/archive/1/220666 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2001-1150
https://notcve.org/view.php?id=CVE-2001-1150
22 Aug 2001 — Vulnerability in cgiWebupdate.exe in Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.5.2 through 3.5.4 allows remote attackers to read arbitrary files. • http://www.iss.net/security_center/static/7014.php •