CVSS: 6.2EPSS: 1%CPEs: 1EXPL: 0CVE-2010-0564
https://notcve.org/view.php?id=CVE-2010-0564
10 Feb 2010 — Buffer overflow in Trend Micro URL Filtering Engine (TMUFE) in OfficeScan 8.0 before SP1 Patch 5 - Build 3510, possibly tmufeng.dll before 3.0.0.1029, allows attackers to cause a denial of service (crash or OfficeScan hang) via unspecified vectors. NOTE: it is likely that this issue also affects tmufeng.dll before 2.0.0.1049 for OfficeScan 10.0. Desbordamiento de búfer en Trend Micro URL Filtering Engine (TMUFE) en OfficeScan v8.0 en versiones anteriores a SP1 Patch 5 - Build 3510, posiblemente tmufeng.dll ... • http://secunia.com/advisories/38396 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 5CVE-2009-1435 – Trend Micro OfficeScan 8.0 Client - Denial of Service
https://notcve.org/view.php?id=CVE-2009-1435
27 Apr 2009 — NTRtScan.exe in Trend Micro OfficeScan Client 8.0 SP1 and 8.0 SP1 Patch 1 allows local users to cause a denial of service (application crash) via directories with long pathnames. NOTE: some of these details are obtained from third party information. NTRtScan.exe en Trend Micro OfficeScan Client 8.0 SP1 y 8.0 SP1 Parche 1 permite a usuarios locales causar una denegación de servicio (cuelgue de la aplicación) a través de directorios con nombres de rutas largas. NOTA: algunos de estos detalles se obtienen a pa... • https://www.exploit-db.com/exploits/32939 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2008-3864
https://notcve.org/view.php?id=CVE-2008-3864
21 Jan 2009 — The ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allows remote attackers to cause a denial of service (service crash) via a packet with a large value in an unspecified size field. La función ApiThread en el servicio de cortafuegos (también conocido como TmPfw.exe) en los módulos Trend Micro Network Security Component (NSC), del modo que se us... • http://secunia.com/advisories/31160 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 29%CPEs: 3EXPL: 0CVE-2008-3865
https://notcve.org/view.php?id=CVE-2008-3865
21 Jan 2009 — Multiple heap-based buffer overflows in the ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allow remote attackers to execute arbitrary code via a packet with a small value in an unspecified size field. Múltiples desbordamientos de búfer basados en montículo en la función ApiThread en el servicio de cortafuegos (también conocido como TmPfw.exe) ... • http://secunia.com/advisories/31160 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2008-3866
https://notcve.org/view.php?id=CVE-2008-3866
21 Jan 2009 — The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, relies on client-side password protection implemented in the configuration GUI, which allows local users to bypass intended access restrictions and change firewall settings by using a modified client to send crafted packets. El servicio Trend Micro Personal Firewall (también conocido como TmPfw.exe)... • http://secunia.com/advisories/31160 • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 40%CPEs: 2EXPL: 0CVE-2008-3862
https://notcve.org/view.php?id=CVE-2008-3862
23 Oct 2008 — Stack-based buffer overflow in CGI programs in the server in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1374, and 8.0 SP1 Patch 1 before build 3110, allows remote attackers to execute arbitrary code via an HTTP POST request containing crafted form data, related to "parsing CGI requests." Desbordamiento de búfer basado en pila en el programa CGI en el servidor de Trend Micro OfficeScan 7.3 Patch 4 build 1367 y otras compilaciones anteriores a 1374, y 8.0 SP1 Patch 1 compilaciones a... • http://secunia.com/advisories/32005 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 33%CPEs: 4EXPL: 1CVE-2008-2439 – TrendMicro OfficeScanNT Listener Traversal Arbitrary File Access
https://notcve.org/view.php?id=CVE-2008-2439
03 Oct 2008 — Directory traversal vulnerability in the UpdateAgent function in TmListen.exe in the OfficeScanNT Listener service in the client in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1372, OfficeScan 8.0 SP1 before build 1222, OfficeScan 8.0 SP1 Patch 1 before build 3087, and Worry-Free Business Security 5.0 before build 1220 allows remote attackers to read arbitrary files via directory traversal sequences in an HTTP request. NOTE: some of these details are obtained from third party infor... • https://packetstorm.news/files/id/180805 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 15%CPEs: 2EXPL: 0CVE-2008-4402
https://notcve.org/view.php?id=CVE-2008-4402
03 Oct 2008 — Multiple buffer overflows in CGI modules in the server in Trend Micro OfficeScan 8.0 SP1 before build 2439 and 8.0 SP1 Patch 1 before build 3087 allow remote attackers to execute arbitrary code via unspecified vectors. Múltiples desbordamientos de búfer en los módulos CGI el servidor de Trend Micro OfficeScan v8.0 SP1 anterior a la b2439 y v8.0 SP1 Patch 1 anterior a b3087, permite a atacantes remotos ejecutar código a través de vectores no especificados. • http://secunia.com/advisories/32097 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 0CVE-2008-4403
https://notcve.org/view.php?id=CVE-2008-4403
03 Oct 2008 — The CGI modules in the server in Trend Micro OfficeScan 8.0 SP1 before build 2439 and 8.0 SP1 Patch 1 before build 3087 allow remote attackers to cause a denial of service (NULL pointer dereference and child process crash) via crafted HTTP headers, related to the "error handling mechanism." El módulo CGI en el servidor en Trend Micro OfficeScan v8.0 SP1 versiones anteriores a build 2439 y v8.0 SP1 Patch 1 versiones anteriores a build 3087 permite a atacantes remotos provocar una denegación de servicio (punt... • http://secunia.com/advisories/32097 • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 29%CPEs: 9EXPL: 0CVE-2008-2437
https://notcve.org/view.php?id=CVE-2008-2437
16 Sep 2008 — Stack-based buffer overflow in cgiRecvFile.exe in Trend Micro OfficeScan 7.3 patch 4 build 1362 and other builds, OfficeScan 8.0 and 8.0 SP1, and Client Server Messaging Security 3.6 allows remote attackers to execute arbitrary code via an HTTP request containing a long ComputerName parameter. Desbordamiento de búfer basado en pila en cgiRecvFile.exe en Trend Micro OfficeScan 7.3 patch 4 build 1362 y otras, OfficeScan 8.0 y 8.0 SP1, y Client Server Messaging Security 3.6, permite a atacantes remotos ejecuta... • http://secunia.com/advisories/31342 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •