Vulnerabilities > Trendmicro > Officescan > 11.0

DATE CVE VULNERABILITY TITLE RISK
2017-08-03 CVE-2017-11394 Improper Input Validation vulnerability in Trendmicro Officescan 11.0/12.0
Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable installations.
network
low complexity
trendmicro CWE-20
critical
 9.8
9.8
2017-08-03 CVE-2017-11393 Improper Input Validation vulnerability in Trendmicro Officescan 11.0/12.0
Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable installations.
network
low complexity
trendmicro CWE-20
critical
 9.8
9.8
2017-05-05 CVE-2017-8801 Cross-site Scripting vulnerability in Trendmicro Officescan 11.0/12.0
Trend Micro OfficeScan 11.0 before SP1 CP 6325 (with Agent Module Build before 6152) and XG before CP 1352 has XSS via a crafted URI using a blocked website.
network
low complexity
trendmicro CWE-79
6.1
6.1
2017-05-03 CVE-2017-5481 Information Exposure vulnerability in Trendmicro Officescan 11.0/12.0
Trend Micro OfficeScan 11.0 before SP1 CP 6325 and XG before CP 1352 allows remote authenticated users to gain privileges by leveraging a leak of an encrypted password during a web-console operation.
network
low complexity
trendmicro CWE-200
8.8
8.8
2016-06-19 CVE-2016-1223 Path Traversal vulnerability in Trendmicro products
Directory traversal vulnerability in Trend Micro Office Scan 11.0, Worry-Free Business Security Service 5.x, and Worry-Free Business Security 9.0 allows remote attackers to read arbitrary files via unspecified vectors.
network
low complexity
trendmicro CWE-22
5.3
5.3