CVE-2006-6458
https://notcve.org/view.php?id=CVE-2006-6458
The Trend Micro scan engine before 8.320 for Windows and before 8.150 on HP-UX and AIX, as used in Trend Micro PC Cillin - Internet Security 2006, Office Scan 7.3, and Server Protect 5.58, allows remote attackers to cause a denial of service (CPU consumption and system hang) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero, which triggers an infinite loop. El motor de escaneo de Trend Micro anterior a 8.320 para Windows y anterior a 8.150 en HP-UX y AIX, utilizado en Trend Micro PC Cillin - internet Security 2006, Office Scan 7.3, y Server Protect 5.58, permite a atacantes remotos provocar una denegación de servicio (agotamiento de CPU y cuelgue de aplicación) mediante un archivo RAR mal formado con una sección Cabecera de Archivo con lo campos head_size (tamaño de cabecera) y pack_size (tamaño de paquete) puestos a cero, lo cual dispara un bucle infinito. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439 http://secunia.com/advisories/23321 http://www.securityfocus.com/bid/21509 http://www.vupen.com/english/advisories/2006/4918 •
CVE-2006-6178
https://notcve.org/view.php?id=CVE-2006-6178
Buffer overflow in PCCSRV\Web_console\RemoteInstallCGI\Wizard.exe for Trend Micro OfficeScan 7.3 before build 7.3.0.1087 allows remote attackers to execute arbitrary code via unknown attack vectors. Desbordamiento de búfer en PCCSRV\Web_console\RemoteInstallCGI\Wizard.exe para Trend Micro OfficeScan 7.3 anterior a build 7.3.0.1087 permite a atacantes remotos ejecutar código de su elección mediante vectores de ataque no especificados. • http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1031702 http://solutionfile.trendmicro.com/SolutionFile/1031702/en/Hotfix_Readme_OSCE7_3_B1087.txt http://www.securityfocus.com/bid/21442 http://www.vupen.com/english/advisories/2006/4852 •
CVE-2006-6179
https://notcve.org/view.php?id=CVE-2006-6179
Buffer overflow in PCCSRV\Web_console\RemoteInstallCGI\CgiRemoteInstall.exe for Trend Micro OfficeScan 7.3 before build 7.3.0.1089 allows remote attackers to execute arbitrary code via unknown attack vectors. Desbordamiento de búfer en PCCSRV\Web_console\RemoteInstallCGI\CgiRemoteInstall.exe para el Trend Micro OfficeScan 7.3 anterior a la versión 7.3.0.1089, permite a atacantes remotos ejecutar código de su elección a través de vectores de ataque desconocidos. • http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1031753 http://solutionfile.trendmicro.com/SolutionFile/1031753/en/Hotfix_Readme_OSCE7_3_B1089.txt http://www.securityfocus.com/bid/21442 http://www.vupen.com/english/advisories/2006/4852 •
CVE-2006-5211
https://notcve.org/view.php?id=CVE-2006-5211
Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to remove OfficeScan clients via a certain HTTP request that invokes the OfficeScan CGI program. Trend Micro OfficeScan 6.0 en Client/Server/Messaging (CSM) Suite para SMB 2.0 anetrior a 6.0.0.1385, y OfficeScan Corporate Edition (OSCE) 6.5 anterior a 6.5.0.1418, 7.0 anterior a 7.0.0.1257, y 7.3 anterior a 7.3.0.1053 permite a atacantes remotos eliminar clientes OfficeScan mediante una petición HTTP determinada que invoca al programa CGI de OfficeScan. • http://secunia.com/advisories/22156 http://www.securityfocus.com/bid/20330 http://www.trendmicro.com/download/product.asp?productid=5 http://www.trendmicro.com/ftp/documentation/readme/csm_2.0_osce_6.0_win_en_securitypatch_1385_readme.txt http://www.trendmicro.com/ftp/documentation/readme/osce_6.5_win_en_securitypatch_1418_readme.txt http://www.trendmicro.com/ftp/documentation/readme/osce_7.3_win_en_securitypatch_1053_readme.txt http://www.trendmicro.com/ftp/documentation/readme/osce_70& •
CVE-2006-5212
https://notcve.org/view.php?id=CVE-2006-5212
Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to delete files via a modified filename parameter in a certain HTTP request that invokes the OfficeScan CGI program. Trend Micro OfficeScan 6.0 en Client/Server/Messaging (CSM) Suite para SMB 2.0 anetrior a 6.0.0.1385, y OfficeScan Corporate Edition (OSCE) 6.5 anterior a 6.5.0.1418, 7.0 anterior a 7.0.0.1257, y 7.3 anterior a 7.3.0.1053 permite a atacantes remotos borrar archivos mediante un parámetro de nombre de archivo (filename) modificado en una petición HTTP determinada que invoca al programa CGI de OfficeScan. • http://secunia.com/advisories/22156 http://www.securityfocus.com/bid/20330 http://www.trendmicro.com/download/product.asp?productid=5 http://www.trendmicro.com/ftp/documentation/readme/csm_2.0_osce_6.0_win_en_securitypatch_1385_readme.txt http://www.trendmicro.com/ftp/documentation/readme/osce_6.5_win_en_securitypatch_1418_readme.txt http://www.trendmicro.com/ftp/documentation/readme/osce_7.3_win_en_securitypatch_1053_readme.txt http://www.trendmicro.com/ftp/documentation/readme/osce_70& •