Vulnerabilities > Trend Micro
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-12-31 | CVE-2003-1341 | Configuration vulnerability in Trend Micro Officescan and Virus Buster The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe. | 7.5 |
| 2003-08-27 | CVE-2003-0646 | Unspecified vulnerability in Trend Micro Damage Cleanup Server and Housecall Multiple buffer overflows in ActiveX controls used by Trend Micro HouseCall 5.5 and 5.7, and Damage Cleanup Server 1.0, allow remote attackers to execute arbitrary code via long parameter strings. | 7.5 |
| 2002-12-31 | CVE-2002-2395 | Permissions, Privileges, and Access Controls vulnerability in Trend Micro Interscan Viruswall 3.52 InterScan VirusWall 3.52 for Windows allows remote attackers to bypass virus protection and possibly execute arbitrary code via HTTP 1.1 gzip content encoding. | 5.0 |
| 2002-12-31 | CVE-2002-2394 | Permissions, Privileges, and Access Controls vulnerability in Trend Micro Interscan Viruswall 3.52/3.6 InterScan VirusWall 3.6 for Linux and 3.52 for Windows allows remote attackers to bypass virus protection and possibly execute arbitrary code via HTTP 1.1 chunked transfer encoding. | 5.0 |
| 2002-12-31 | CVE-2002-1839 | Unspecified vulnerability in Trend Micro Interscan Viruswall for Windows NT 3.52 Trend Micro InterScan VirusWall for Windows NT 3.52 does not record the sender's IP address in the headers for a mail message when it is passed from VirusWall to the MTA, which allows remote attackers to hide the origin of the message. | 5.0 |
| 2002-09-24 | CVE-2002-1121 | SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterScan VirusWall before 3.52 build 1494, (3) the default configuration of MIMEDefang before 2.21, and possibly other products, do not detect fragmented emails as defined in RFC2046 ("Message Fragmentation and Reassembly") and supported in such products as Outlook Express, which allows remote attackers to bypass content filtering, including virus checking, via fragmented emails of the message/partial content type. | 7.5 |
| 2002-07-26 | CVE-2002-0440 | Unspecified vulnerability in Trend Micro Interscan Viruswall 3.51/3.6 Trend Micro InterScan VirusWall HTTP proxy 3.6 with the "Skip scanning if Content-length equals 0" option enabled allows malicious web servers to bypass content scanning via a Content-length header set to 0, which is often ignored by HTTP clients. | 7.5 |
| 2002-07-11 | CVE-2002-0637 | Unspecified vulnerability in Trend Micro Interscan Viruswall 3.52 InterScan VirusWall 3.52 build 1462 allows remote attackers to bypass virus protection via e-mail messages with headers that violate RFC specifications by having (or missing) space characters in unexpected places (aka "space gap"), such as (1) Content-Type :", (2) "Content-Transfer-Encoding :", (3) no space before a boundary declaration, or (4) "boundary= ", which is processed by Outlook Express. | 7.5 |
| 2001-12-31 | CVE-2001-1574 | Remote Security vulnerability in Trend Micro Interscan Viruswall 3.5.1 Buffer overflow in (1) HttpSaveCVP.dll and (2) HttpSaveCSP.dll in Trend Micro InterScan VirusWall 3.5.1 allows remote attackers to execute arbitrary code. | 10.0 |
| 2001-12-31 | CVE-2001-1573 | Remote Security vulnerability in Trend Micro Interscan Viruswall 3.51 Buffer overflow in smtpscan.dll for Trend Micro InterScan VirusWall 3.51 for Windows NT has allows remote attackers to execute arbitrary code via a certain configuration parameter. | 10.0 |