CVSS: 5.0EPSS: 2%CPEs: 4EXPL: 0CVE-2006-5212
https://notcve.org/view.php?id=CVE-2006-5212
Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to delete files via a modified filename parameter in a certain HTTP request that invokes the OfficeScan CGI program. Trend Micro OfficeScan 6.0 en Client/Server/Messaging (CSM) Suite para SMB 2.0 anetrior a 6.0.0.1385, y OfficeScan Corporate Edition (OSCE) 6.5 anterior a 6.5.0.1418, 7.0 anterior a 7.0.0.1257, y 7.3 anterior a 7.3.0.1053 permite a atacantes remotos borrar archivos mediante un parámetro de nombre de archivo (filename) modificado en una petición HTTP determinada que invoca al programa CGI de OfficeScan. • http://secunia.com/advisories/22156 http://www.securityfocus.com/bid/20330 http://www.trendmicro.com/download/product.asp?productid=5 http://www.trendmicro.com/ftp/documentation/readme/csm_2.0_osce_6.0_win_en_securitypatch_1385_readme.txt http://www.trendmicro.com/ftp/documentation/readme/osce_6.5_win_en_securitypatch_1418_readme.txt http://www.trendmicro.com/ftp/documentation/readme/osce_7.3_win_en_securitypatch_1053_readme.txt http://www.trendmicro.com/ftp/documentation/readme/osce_70& •
CVSS: 7.5EPSS: 21%CPEs: 78EXPL: 0CVE-2005-0533
https://notcve.org/view.php?id=CVE-2005-0533
Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure. • http://secunia.com/advisories/14396 http://securitytracker.com/id?1013289 http://securitytracker.com/id?1013290 http://www.securityfocus.com/bid/12643 http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution http://xforce.iss.net/xforce/alerts/id/189 •
CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0CVE-2004-2430
https://notcve.org/view.php?id=CVE-2004-2430
Trend OfficeScan Corporate Edition 5.58 and possibly earler does not drop privileges when opening a help window from a virus detection pop-up window, which allows local users to gain SYSTEM privileges. • http://archives.neohapsis.com/archives/bugtraq/2004-06/0117.html http://secunia.com/advisories/11806 http://uk.trendmicro-europe.com/enterprise/support/knowledge_base_detail.php?solutionId=20118 http://www.osvdb.org/6840 http://www.securityfocus.com/bid/10503 https://exchange.xforce.ibmcloud.com/vulnerabilities/16375 •
CVSS: 4.6EPSS: 0%CPEs: 7EXPL: 1CVE-2004-2006
https://notcve.org/view.php?id=CVE-2004-2006
Trend Micro OfficeScan 3.0 - 6.0 has default permissions of "Everyone Full Control" on the installation directory and registry keys, which allows local users to disable virus protection. • http://marc.info/?l=bugtraq&m=108395366909344&w=2 http://secunia.com/advisories/11576 http://www.osvdb.org/5990 http://www.securityfocus.com/bid/10300 https://exchange.xforce.ibmcloud.com/vulnerabilities/16092 •