| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2012-2998 |
89 |
|
Exec Code Sql |
2012-09-28 |
2013-02-13 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in the ad hoc query module in Trend Micro Control Manager (TMCM) before 5.5.0.1823 and 6.0 before 6.0.0.1449 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |
|
2 |
CVE-2008-2433 |
287 |
|
Exec Code |
2008-08-27 |
2009-01-29 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The web management console in Trend Micro OfficeScan 7.0 through 8.0, Worry-Free Business Security 5.0, and Client/Server/Messaging Suite 3.5 and 3.6 creates a random session token based only on the login time, which makes it easier for remote attackers to hijack sessions via brute-force attacks. NOTE: this can be leveraged for code execution through an unspecified "manipulation of the configuration." |
|
3 |
CVE-2007-6386 |
119 |
|
DoS Overflow +Priv |
2007-12-14 |
2008-11-15 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Stack-based buffer overflow in PccScan.dll before build 1451 in Trend Micro AntiVirus plus AntiSpyware 2008, Internet Security 2008, and Internet Security Pro 2008 allows user-assisted remote attackers to cause a denial of service (SfCtlCom.exe crash), and allows local users to gain privileges, via a malformed .zip archive with a long name, as demonstrated by a .zip file created via format string specifiers in a crafted .uue file. |
|
4 |
CVE-2007-1591 |
|
|
DoS |
2007-03-22 |
2008-09-05 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
VsapiNT.sys in the Scan Engine 8.0 for Trend Micro AntiVirus 14.10.1041, and other products, allows remote attackers to cause a denial of service (kernel fault and system crash) via a crafted UPX file with a certain field that triggers a divide-by-zero error. |
|
5 |
CVE-2007-1168 |
|
|
|
2007-03-02 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 allows remote attackers to access arbitrary web pages and reconfigure the product via HTTP requests with the splx_2376_info cookie to the web interface port (14942/tcp). |
|
6 |
CVE-2007-0856 |
|
|
Exec Code |
2007-02-08 |
2008-11-15 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (RCM), with the VsapiNI.sys 3.320.0.1003 scan engine, as used in Trend Micro PC-cillin Internet Security 2007, Antivirus 2007, Anti-Spyware for SMB 3.2 SP1, Anti-Spyware for Consumer 3.5, Anti-Spyware for Enterprise 3.0 SP2, Client / Server / Messaging Security for SMB 3.5, Damage Cleanup Services 3.2, and possibly other products, assigns Everyone write permission for the \\.\TmComm DOS device interface, which allows local users to access privileged IOCTLs and execute arbitrary code or overwrite arbitrary memory in the kernel context. |
|
7 |
CVE-2006-6458 |
|
|
DoS |
2006-12-11 |
2008-09-05 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The Trend Micro scan engine before 8.320 for Windows and before 8.150 on HP-UX and AIX, as used in Trend Micro PC Cillin - Internet Security 2006, Office Scan 7.3, and Server Protect 5.58, allows remote attackers to cause a denial of service (CPU consumption and system hang) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero, which triggers an infinite loop. |
|
8 |
CVE-2006-6179 |
|
|
Exec Code Overflow |
2006-11-30 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in PCCSRV\Web_console\RemoteInstallCGI\CgiRemoteInstall.exe for Trend Micro OfficeScan 7.3 before build 7.3.0.1089 allows remote attackers to execute arbitrary code via unknown attack vectors. |
|
9 |
CVE-2006-6178 |
|
|
Exec Code Overflow |
2006-11-30 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in PCCSRV\Web_console\RemoteInstallCGI\Wizard.exe for Trend Micro OfficeScan 7.3 before build 7.3.0.1087 allows remote attackers to execute arbitrary code via unknown attack vectors. |
|
10 |
CVE-2006-1379 |
|
|
+Priv |
2006-03-24 |
2008-09-05 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Trend Micro PC-cillin Internet Security 2006 14.00.1485 and 14.10.0.1023, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying executable programs such as (1) tmntsrv.exe and (2) tmproxy.exe. |
|
11 |
CVE-2005-3360 |
|
|
DoS +Priv |
2005-12-14 |
2008-09-05 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The installation of Trend Micro PC-Cillin Internet Security 2005 12.00 build 1244, and probably previous versions, uses insecure default ACLs, which allows local users to cause a denial of service (disabled service) and gain system privileges by modifying or moving critical program files. |
|
12 |
CVE-2005-1929 |
|
|
Exec Code Overflow |
2005-12-14 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via "wrapped" length values in Chunked transfer requests. NOTE: the original report suggests that the relay.dll issue is related to a problem in which a Microsoft Foundation Classes (MFC) static library returns invalid values under heavy load. As such, this might not be a vulnerability in Trend Micro's product. |
|
13 |
CVE-2005-1928 |
399 |
|
DoS |
2005-12-14 |
2011-05-20 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Trend Micro ServerProtect EarthAgent for Windows Management Console 5.58 and possibly earlier versions, when running with Trend Micro Control Manager 2.5 and 3.0, and Damage Cleanup Server 1.1, allows remote attackers to cause a denial of service (CPU consumption) via a flood of crafted packets with a certain "magic value" to port 5005, which also leads to a memory leak. |
|
14 |
CVE-2005-0533 |
|
|
Exec Code Overflow |
2005-05-02 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure. |
|
15 |
CVE-2005-0383 |
|
|
+Priv |
2005-05-02 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Trend Micro Control Manager 3.0 Enterprise Edition allows remote attackers to gain privileges via a replay attack of the encrypted username and password. |
|
16 |
CVE-2004-2430 |
|
|
+Priv |
2004-12-31 |
2008-09-05 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Trend OfficeScan Corporate Edition 5.58 and possibly earler does not drop privileges when opening a help window from a virus detection pop-up window, which allows local users to gain SYSTEM privileges. |
|
17 |
CVE-2003-1343 |
287 |
|
|
2003-12-31 |
2008-09-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door account in smg_Smxcfg30.exe, which allows remote attackers to gain access to the web management interface via the vcc parameter, possibly "3560121183d3". |
|
18 |
CVE-2003-1341 |
16 |
|
Bypass |
2003-12-31 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe. |
|
19 |
CVE-2003-0646 |
|
|
Exec Code Overflow |
2003-08-27 |
2008-09-10 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple buffer overflows in ActiveX controls used by Trend Micro HouseCall 5.5 and 5.7, and Damage Cleanup Server 1.0, allow remote attackers to execute arbitrary code via long parameter strings. |
|
20 |
CVE-2002-1121 |
|
|
Bypass |
2002-09-24 |
2008-09-10 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterScan VirusWall before 3.52 build 1494, (3) the default configuration of MIMEDefang before 2.21, and possibly other products, do not detect fragmented emails as defined in RFC2046 ("Message Fragmentation and Reassembly") and supported in such products as Outlook Express, which allows remote attackers to bypass content filtering, including virus checking, via fragmented emails of the message/partial content type. |
|
21 |
CVE-2002-0637 |
|
|
Bypass |
2002-07-11 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
InterScan VirusWall 3.52 build 1462 allows remote attackers to bypass virus protection via e-mail messages with headers that violate RFC specifications by having (or missing) space characters in unexpected places (aka "space gap"), such as (1) Content-Type :", (2) "Content-Transfer-Encoding :", (3) no space before a boundary declaration, or (4) "boundary= ", which is processed by Outlook Express. |
|
22 |
CVE-2002-0440 |
|
|
Bypass |
2002-07-26 |
2008-09-10 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Trend Micro InterScan VirusWall HTTP proxy 3.6 with the "Skip scanning if Content-length equals 0" option enabled allows malicious web servers to bypass content scanning via a Content-length header set to 0, which is often ignored by HTTP clients. |
|
23 |
CVE-2001-1026 |
|
|
|
2001-07-09 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs when they are modified in certain ways such as (1) using a double slash (//) instead of a single slash, (2) URL-encoded characters, (3) requesting the IP address instead of the domain name, or (4) using a leading 0 in an octet of an IP address. |
|
24 |
CVE-2001-0958 |
|
|
Exec Code Overflow |
2001-09-12 |
2008-09-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflows in eManager plugin for Trend Micro InterScan VirusWall for NT 3.51 and 3.51J allow remote attackers to execute arbitrary code via long arguments to the CGI programs (1) register.dll, (2) ContentFilter.dll, (3) SFNofitication.dll, (4) register.dll, (5) TOP10.dll, (6) SpamExcp.dll, and (7) spamrule.dll. |
|
25 |
CVE-2001-0761 |
|
|
Exec Code Overflow |
2001-10-18 |
2008-09-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in HttpSave.dll in Trend Micro InterScan WebManager 1.2 allows remote attackers to execute arbitrary code via a long value to a certain parameter. |
|
26 |
CVE-2001-0689 |
|
|
|
2001-09-20 |
2008-09-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Vulnerability in TrendMicro Virus Control System 1.8 allows a remote attacker to view configuration files and change the configuration via a certain CGI program. |
|
27 |
CVE-2001-0410 |
|
|
DoS Exec Code Overflow |
2001-06-18 |
2008-09-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in Trend Micro Virus Buster 2001 8.02 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long "From" header. |
|
28 |
CVE-2001-0174 |
|
|
DoS Exec Code Overflow |
2001-05-03 |
2008-09-10 |
7.6 |
Admin |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in Trend Micro Virus Buster 2001 8.00 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a large "To" address. |
|
29 |
CVE-1999-1533 |
|
|
DoS |
1999-11-07 |
2008-09-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Eicon Technology Diva LAN ISDN modem allows a remote attacker to cause a denial of service (hang) via a long password argument to the login.htm file in its HTTP service. |
|
30 |
CVE-1999-1529 |
|
|
Exec Code Overflow |
1999-11-07 |
2008-09-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A buffer overflow exists in the HELO command in Trend Micro Interscan VirusWall SMTP gateway 3.23/3.3 for NT, which may allow an attacker to execute arbitrary code. |
