Total
71 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-14085 | 1 Trendmicro | 1 Officescan | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
Information disclosure vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to query the network's NT domain or the PHP version and modules. | |||||
CVE-2017-14083 | 1 Trendmicro | 1 Officescan | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
A vulnerability in Trend Micro OfficeScan 11.0 and XG allows remote unauthenticated users who can access the system to download the OfficeScan encryption file. | |||||
CVE-2017-14084 | 1 Trendmicro | 1 Officescan | 2023-12-10 | 6.8 MEDIUM | 8.1 HIGH |
A potential Man-in-the-Middle (MitM) attack vulnerability in Trend Micro OfficeScan 11.0 and XG may allow attackers to execute arbitrary code on vulnerable installations. | |||||
CVE-2017-14089 | 1 Trendmicro | 1 Officescan | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An Unauthorized Memory Corruption vulnerability in Trend Micro OfficeScan 11.0 and XG may allow remote unauthenticated users who can access the OfficeScan server to target cgiShowClientAdm.exe and cause memory corruption issues. | |||||
CVE-2017-14088 | 1 Trendmicro | 2 Officescan, Officescan Xg | 2023-12-10 | 6.9 MEDIUM | 7.0 HIGH |
Memory Corruption Privilege Escalation vulnerabilities in Trend Micro OfficeScan 11.0 and XG allows local attackers to execute arbitrary code and escalate privileges to resources normally reserved for the kernel on vulnerable installations by exploiting tmwfp.sys. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability. | |||||
CVE-2017-14087 | 1 Trendmicro | 1 Officescan | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
A Host Header Injection vulnerability in Trend Micro OfficeScan XG (12.0) may allow an attacker to spoof a particular Host header, allowing the attacker to render arbitrary links that point to a malicious website with poisoned Host header webpages. | |||||
CVE-2017-8801 | 1 Trendmicro | 1 Officescan | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Trend Micro OfficeScan 11.0 before SP1 CP 6325 (with Agent Module Build before 6152) and XG before CP 1352 has XSS via a crafted URI using a blocked website. | |||||
CVE-2017-5481 | 1 Trendmicro | 1 Officescan | 2023-12-10 | 4.0 MEDIUM | 8.8 HIGH |
Trend Micro OfficeScan 11.0 before SP1 CP 6325 and XG before CP 1352 allows remote authenticated users to gain privileges by leveraging a leak of an encrypted password during a web-console operation. | |||||
CVE-2016-1223 | 1 Trendmicro | 3 Officescan, Worry-free Business Security, Worry-free Business Security Services | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
Directory traversal vulnerability in Trend Micro Office Scan 11.0, Worry-Free Business Security Service 5.x, and Worry-Free Business Security 9.0 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
CVE-2010-0564 | 1 Trendmicro | 1 Officescan | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in Trend Micro URL Filtering Engine (TMUFE) in OfficeScan 8.0 before SP1 Patch 5 - Build 3510, possibly tmufeng.dll before 3.0.0.1029, allows attackers to cause a denial of service (crash or OfficeScan hang) via unspecified vectors. NOTE: it is likely that this issue also affects tmufeng.dll before 2.0.0.1049 for OfficeScan 10.0. | |||||
CVE-2009-1435 | 1 Trendmicro | 1 Officescan | 2023-12-10 | 2.1 LOW | N/A |
NTRtScan.exe in Trend Micro OfficeScan Client 8.0 SP1 and 8.0 SP1 Patch 1 allows local users to cause a denial of service (application crash) via directories with long pathnames. NOTE: some of these details are obtained from third party information. |