CVSS: 7.5EPSS: 10%CPEs: 13EXPL: 2CVE-2003-1341 – Trend Micro OfficeScan 3.x - CGI Directory Insufficient Permissions
https://notcve.org/view.php?id=CVE-2003-1341
The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe. • https://www.exploit-db.com/exploits/22171 http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0020.html http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13353 http://secunia.com/advisories/7881 http://www.osvdb.org/6181 http://www.securityfocus.com/bid/6616 https://exchange.xforce.ibmcloud.com/vulnerabilities/11059 • CWE-16: Configuration •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2001-1151
https://notcve.org/view.php?id=CVE-2001-1151
Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 allows remote attackers to access sensitive information from the hotdownload directory without authentication, such as the ofcscan.ini configuration file, which contains a weakly encrypted password. • http://www.securityfocus.com/archive/1/220666 http://www.trendmicro.co.jp/esolution/solutionDetail.asp?solutionID=318 https://exchange.xforce.ibmcloud.com/vulnerabilities/7286 •
CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0CVE-2001-1150
https://notcve.org/view.php?id=CVE-2001-1150
Vulnerability in cgiWebupdate.exe in Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.5.2 through 3.5.4 allows remote attackers to read arbitrary files. • http://www.iss.net/security_center/static/7014.php http://www.securityfocus.com/archive/1/209375 http://www.securityfocus.com/archive/1/210087 http://www.securityfocus.com/bid/3216 •