Vulnerabilities > Trend Micro > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-03-02 | CVE-2007-1169 | Remote Security vulnerability in Trend Micro Serverprotect 1.2520070216 The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 accepts logon requests through unencrypted HTTP, which might allow remote attackers to obtain credentials by sniffing the network. | 5.0 |
| 2007-01-30 | CVE-2007-0602 | Local Security vulnerability in Trend Micro Viruswall 3.81 Buffer overflow in libvsapi.so in the VSAPI library in Trend Micro VirusWall 3.81 for Linux, as used by IScan.BASE/vscan, allows local users to gain privileges via a long command line argument, a different vulnerability than CVE-2005-0533. local trend-micro | 6.9 |
| 2006-10-10 | CVE-2006-5212 | Unspecified vulnerability in Trend Micro Officescan Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to delete files via a modified filename parameter in a certain HTTP request that invokes the OfficeScan CGI program. | 5.0 |
| 2006-10-10 | CVE-2006-5211 | Unspecified vulnerability in Trend Micro Officescan Corporate Edition 6.5/7.0/7.3 Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to remove OfficeScan clients via a certain HTTP request that invokes the OfficeScan CGI program. | 6.4 |
| 2006-10-05 | CVE-2006-5157 | Unspecified vulnerability in Trend Micro Officescan Corporate7.3 Format string vulnerability in the ActiveX control (ATXCONSOLE.OCX) in TrendMicro OfficeScan Corporate Edition (OSCE) before 7.3 Patch 1 allows remote attackers to execute arbitrary code via format string identifiers in the "Management Console's Remote Client Install name search". | 5.1 |
| 2006-06-27 | CVE-2006-3261 | HTML Injection vulnerability in Trend Micro Control Manager 3.5 Cross-site scripting (XSS) vulnerability in Trend Micro Control Manager (TMCM) 3.5 allows remote attackers to inject arbitrary web script or HTML via the username field on the login page, which is not properly sanitized before being displayed in the error log. network trend-micro | 4.3 |
| 2006-02-10 | CVE-2006-0642 | Unspecified vulnerability in Trend Micro products Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a default configuration setting of "Do not scan compressed files when Extracted file count exceeds 500 files," which may be too low in certain circumstances, which allows remote attackers to bypass anti-virus checks by sending compressed archives containing many small files. | 5.1 |
| 2005-12-14 | CVE-2005-1930 | Directory Traversal vulnerability in Trend Micro Serverprotect 5.58 Directory traversal vulnerability in the Crystal Report component (rptserver.asp) in Trend Micro ServerProtect Management Console 5.58, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, and possibly earlier versions, allows remote attackers to read arbitrary files via the IMAGE parameter. | 5.0 |
| 2005-10-30 | CVE-2005-3379 | Unspecified vulnerability in Trend Micro Officescan and Pc-Cillin 2005 Multiple interpretation error in Trend Micro (1) PC-Cillin 2005 12.0.1244 with the 7.510.1002 engine and (2) OfficeScan 7.0 with the 7.510.1002 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." | 5.1 |
| 2005-03-01 | CVE-2004-1003 | Unspecified vulnerability in Trend Micro Scanmail Domino 2.51/2.6 Trend ScanMail allows remote attackers to obtain potentially sensitive information or disable the anti-virus capability via the smency.nsf file. | 5.0 |