Trendmicro

Officescan

71 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.4

CVE-2018-10507

Exploit
  • EPSS 1.08%
  • Veröffentlicht 12.06.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:41:27

A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a attacker to take a series of steps to bypass or render the OfficeScan Unauthorized Change Prevention inoperable on vulnerable installations. An attacker must already have adminis...

6.3

CVE-2018-10505

  • EPSS 0.08%
  • Veröffentlicht 08.06.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:41:27

A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x220008 in the TMWFP driver. ...

6.3

CVE-2018-10358

  • EPSS 0.08%
  • Veröffentlicht 08.06.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:41:15

A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x2200B4 in the TMWFP driver. ...

6.3

CVE-2018-10359

  • EPSS 0.08%
  • Veröffentlicht 08.06.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:41:15

A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x220078 in the TMWFP driver. ...

4.7

CVE-2018-10506

  • EPSS 0.11%
  • Veröffentlicht 08.06.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:41:27

A out-of-bounds read information disclosure vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within the processing of IOCTL 0x220004 by th...

7

CVE-2018-6218

  • EPSS 0.36%
  • Veröffentlicht 16.02.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 04:10:19

A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system.

9.8

CVE-2017-14089

Exploit
  • EPSS 31.5%
  • Veröffentlicht 06.10.2017 01:29:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An Unauthorized Memory Corruption vulnerability in Trend Micro OfficeScan 11.0 and XG may allow remote unauthenticated users who can access the OfficeScan server to target cgiShowClientAdm.exe and cause memory corruption issues.

7

CVE-2017-14088

  • EPSS 0.12%
  • Veröffentlicht 06.10.2017 01:29:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Memory Corruption Privilege Escalation vulnerabilities in Trend Micro OfficeScan 11.0 and XG allows local attackers to execute arbitrary code and escalate privileges to resources normally reserved for the kernel on vulnerable installations by exploit...

7.5

CVE-2017-14087

Exploit
  • EPSS 22.46%
  • Veröffentlicht 06.10.2017 01:29:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

A Host Header Injection vulnerability in Trend Micro OfficeScan XG (12.0) may allow an attacker to spoof a particular Host header, allowing the attacker to render arbitrary links that point to a malicious website with poisoned Host header webpages.

8.1

CVE-2017-14084

  • EPSS 11.05%
  • Veröffentlicht 06.10.2017 01:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

A potential Man-in-the-Middle (MitM) attack vulnerability in Trend Micro OfficeScan 11.0 and XG may allow attackers to execute arbitrary code on vulnerable installations.