Vulnerabilities > Trend Micro

DATE CVE VULNERABILITY TITLE RISK
2003-12-31 CVE-2003-1341 Configuration vulnerability in Trend Micro Officescan and Virus Buster
The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe.
network
low complexity
trend-micro CWE-16
7.5
2003-08-27 CVE-2003-0646 Unspecified vulnerability in Trend Micro Damage Cleanup Server and Housecall
Multiple buffer overflows in ActiveX controls used by Trend Micro HouseCall 5.5 and 5.7, and Damage Cleanup Server 1.0, allow remote attackers to execute arbitrary code via long parameter strings.
network
low complexity
trend-micro
7.5
2002-12-31 CVE-2002-2395 Permissions, Privileges, and Access Controls vulnerability in Trend Micro Interscan Viruswall 3.52
InterScan VirusWall 3.52 for Windows allows remote attackers to bypass virus protection and possibly execute arbitrary code via HTTP 1.1 gzip content encoding.
network
low complexity
trend-micro CWE-264
5.0
2002-12-31 CVE-2002-2394 Permissions, Privileges, and Access Controls vulnerability in Trend Micro Interscan Viruswall 3.52/3.6
InterScan VirusWall 3.6 for Linux and 3.52 for Windows allows remote attackers to bypass virus protection and possibly execute arbitrary code via HTTP 1.1 chunked transfer encoding.
network
low complexity
trend-micro CWE-264
5.0
2002-12-31 CVE-2002-1839 Unspecified vulnerability in Trend Micro Interscan Viruswall for Windows NT 3.52
Trend Micro InterScan VirusWall for Windows NT 3.52 does not record the sender's IP address in the headers for a mail message when it is passed from VirusWall to the MTA, which allows remote attackers to hide the origin of the message.
network
low complexity
trend-micro
5.0
2002-09-24 CVE-2002-1121 SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterScan VirusWall before 3.52 build 1494, (3) the default configuration of MIMEDefang before 2.21, and possibly other products, do not detect fragmented emails as defined in RFC2046 ("Message Fragmentation and Reassembly") and supported in such products as Outlook Express, which allows remote attackers to bypass content filtering, including virus checking, via fragmented emails of the message/partial content type. 7.5
2002-07-26 CVE-2002-0440 Unspecified vulnerability in Trend Micro Interscan Viruswall 3.51/3.6
Trend Micro InterScan VirusWall HTTP proxy 3.6 with the "Skip scanning if Content-length equals 0" option enabled allows malicious web servers to bypass content scanning via a Content-length header set to 0, which is often ignored by HTTP clients.
network
low complexity
trend-micro
7.5
2002-07-11 CVE-2002-0637 Unspecified vulnerability in Trend Micro Interscan Viruswall 3.52
InterScan VirusWall 3.52 build 1462 allows remote attackers to bypass virus protection via e-mail messages with headers that violate RFC specifications by having (or missing) space characters in unexpected places (aka "space gap"), such as (1) Content-Type :", (2) "Content-Transfer-Encoding :", (3) no space before a boundary declaration, or (4) "boundary= ", which is processed by Outlook Express.
network
low complexity
trend-micro
7.5
2001-12-31 CVE-2001-1574 Remote Security vulnerability in Trend Micro Interscan Viruswall 3.5.1
Buffer overflow in (1) HttpSaveCVP.dll and (2) HttpSaveCSP.dll in Trend Micro InterScan VirusWall 3.5.1 allows remote attackers to execute arbitrary code.
network
low complexity
trend-micro
critical
10.0
2001-12-31 CVE-2001-1573 Remote Security vulnerability in Trend Micro Interscan Viruswall 3.51
Buffer overflow in smtpscan.dll for Trend Micro InterScan VirusWall 3.51 for Windows NT has allows remote attackers to execute arbitrary code via a certain configuration parameter.
network
low complexity
trend-micro
critical
10.0