Vulnerabilities > Trend Micro
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-03-22 | CVE-2007-1591 | Denial-Of-Service vulnerability in Trend Micro Trend Micro Antivirus 14.10.1041 VsapiNT.sys in the Scan Engine 8.0 for Trend Micro AntiVirus 14.10.1041, and other products, allows remote attackers to cause a denial of service (kernel fault and system crash) via a crafted UPX file with a certain field that triggers a divide-by-zero error. | 7.8 |
| 2007-03-02 | CVE-2007-1169 | Remote Security vulnerability in Trend Micro Serverprotect 1.2520070216 The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 accepts logon requests through unencrypted HTTP, which might allow remote attackers to obtain credentials by sniffing the network. | 5.0 |
| 2007-03-02 | CVE-2007-1168 | Authentication Bypass vulnerability in Trend Micro Serverprotect 1.2520070216/1.3/2.5 Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 allows remote attackers to access arbitrary web pages and reconfigure the product via HTTP requests with the splx_2376_info cookie to the web interface port (14942/tcp). | 7.5 |
| 2007-02-21 | CVE-2007-1070 | Stack Buffer Overflow vulnerability in Trend Micro Serverprotect 5.58/5.61/5.62 Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback functions in (a) StCommon.dll, and (4) ENG_SetRealTimeScanConfigInfo and (5) ENG_SendEMail functions in (b) eng50.dll. | 10.0 |
| 2007-02-20 | CVE-2007-0325 | Buffer Errors vulnerability in Trend Micro products Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 before Build 1197, allow remote attackers to execute arbitrary code via a crafted HTML document. | 9.3 |
| 2007-02-08 | CVE-2007-0856 | Local Privilege Escalation vulnerability in Trend Micro AntiVirus Scan Engine TMComm TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (RCM), with the VsapiNI.sys 3.320.0.1003 scan engine, as used in Trend Micro PC-cillin Internet Security 2007, Antivirus 2007, Anti-Spyware for SMB 3.2 SP1, Anti-Spyware for Consumer 3.5, Anti-Spyware for Enterprise 3.0 SP2, Client / Server / Messaging Security for SMB 3.5, Damage Cleanup Services 3.2, and possibly other products, assigns Everyone write permission for the \\.\TmComm DOS device interface, which allows local users to access privileged IOCTLs and execute arbitrary code or overwrite arbitrary memory in the kernel context. | 7.2 |
| 2007-02-08 | CVE-2007-0851 | Buffer Overflow vulnerability in Trend Micro Antivirus UPX Compressed PE File Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable. | 9.3 |
| 2007-01-30 | CVE-2007-0602 | Local Security vulnerability in Trend Micro Viruswall 3.81 Buffer overflow in libvsapi.so in the VSAPI library in Trend Micro VirusWall 3.81 for Linux, as used by IScan.BASE/vscan, allows local users to gain privileges via a long command line argument, a different vulnerability than CVE-2005-0533. local trend-micro | 6.9 |
| 2006-12-11 | CVE-2006-6458 | Remote Denial Of Service vulnerability in Trend Micro products The Trend Micro scan engine before 8.320 for Windows and before 8.150 on HP-UX and AIX, as used in Trend Micro PC Cillin - Internet Security 2006, Office Scan 7.3, and Server Protect 5.58, allows remote attackers to cause a denial of service (CPU consumption and system hang) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero, which triggers an infinite loop. | 7.8 |
| 2006-11-30 | CVE-2006-6179 | Buffer Overflow vulnerability in Trend Micro Officescan 7.3 Buffer overflow in PCCSRV\Web_console\RemoteInstallCGI\CgiRemoteInstall.exe for Trend Micro OfficeScan 7.3 before build 7.3.0.1089 allows remote attackers to execute arbitrary code via unknown attack vectors. | 7.5 |