Vulnerabilities > Trend Micro
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-10-30 | CVE-2005-3379 | Unspecified vulnerability in Trend Micro Officescan and Pc-Cillin 2005 Multiple interpretation error in Trend Micro (1) PC-Cillin 2005 12.0.1244 with the 7.510.1002 engine and (2) OfficeScan 7.0 with the 7.510.1002 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." | 5.1 |
2005-05-02 | CVE-2005-0533 | Heap Overflow vulnerability in Trend Micro VSAPI ARJ Handling Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure. | 7.5 |
2005-05-02 | CVE-2005-0383 | Remote Security vulnerability in Trend Micro Control Manager 3.0Enterprise Trend Micro Control Manager 3.0 Enterprise Edition allows remote attackers to gain privileges via a replay attack of the encrypted username and password. | 7.5 |
2005-03-01 | CVE-2004-1003 | Unspecified vulnerability in Trend Micro Scanmail Domino 2.51/2.6 Trend ScanMail allows remote attackers to obtain potentially sensitive information or disable the anti-virus capability via the smency.nsf file. | 5.0 |
2004-12-31 | CVE-2004-2430 | Local Privilege Escalation vulnerability in Trend Micro OfficeScan Trend OfficeScan Corporate Edition 5.58 and possibly earler does not drop privileges when opening a help window from a virus detection pop-up window, which allows local users to gain SYSTEM privileges. | 7.2 |
2004-05-07 | CVE-2004-2006 | Unspecified vulnerability in Trend Micro Officescan Trend Micro OfficeScan 3.0 - 6.0 has default permissions of "Everyone Full Control" on the installation directory and registry keys, which allows local users to disable virus protection. | 4.6 |
2004-03-24 | CVE-2004-1859 | Localweb Directory Traversal vulnerability in Trend Micro Interscan Viruswall Directory traversal vulnerability in Trend Micro Interscan Web Viruswall in InterScan VirusWall 3.5x allows remote attackers to read arbitrary files via a .. | 5.0 |
2003-12-31 | CVE-2003-1344 | Cryptographic Issues vulnerability in Trend Micro Virus Control System Trend Micro Virus Control System (TVCS) Log Collector allows remote attackers to obtain usernames, encrypted passwords, and other sensitive information via a URL request for getservers.exe with the action parameter set to "selects1", which returns log files. | 5.0 |
2003-12-31 | CVE-2003-1343 | Improper Authentication vulnerability in Trend Micro Scanmail Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door account in smg_Smxcfg30.exe, which allows remote attackers to gain access to the web management interface via the vcc parameter, possibly "3560121183d3". | 7.5 |
2003-12-31 | CVE-2003-1342 | Resource Management Errors vulnerability in Trend Micro Virus Control System 1.8 Trend Micro Virus Control System (TVCS) 1.8 running with IIS allows remote attackers to cause a denial of service (memory consumption) in IIS via multiple URL requests for ActiveSupport.exe. | 5.0 |