Trendmicro

Officescan

71 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2017-14083

Exploit
  • EPSS 12.94%
  • Veröffentlicht 06.10.2017 01:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

A vulnerability in Trend Micro OfficeScan 11.0 and XG allows remote unauthenticated users who can access the system to download the OfficeScan encryption file.

5.3

CVE-2017-14085

Exploit
  • EPSS 11.27%
  • Veröffentlicht 06.10.2017 01:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Information disclosure vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to query the network's NT domain or the PHP version and modules.

7.8

CVE-2017-14086

Exploit
  • EPSS 21.53%
  • Veröffentlicht 06.10.2017 01:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Pre-authorization Start Remote Process vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to start the fcgiOfcDDA.exe executable or cause a potential INI corruption, which may ca...

10

CVE-2017-11394

  • EPSS 78.47%
  • Veröffentlicht 03.08.2017 15:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the T parameter within Proxy.php. Formerly ZDI...

10

CVE-2017-11393

  • EPSS 8.97%
  • Veröffentlicht 03.08.2017 15:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the tr parameter within Proxy.php. Formerly ZD...

6.1

CVE-2017-8801

  • EPSS 0.33%
  • Veröffentlicht 05.05.2017 19:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Trend Micro OfficeScan 11.0 before SP1 CP 6325 (with Agent Module Build before 6152) and XG before CP 1352 has XSS via a crafted URI using a blocked website.

8.8

CVE-2017-5481

  • EPSS 0.48%
  • Veröffentlicht 03.05.2017 20:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Trend Micro OfficeScan 11.0 before SP1 CP 6325 and XG before CP 1352 allows remote authenticated users to gain privileges by leveraging a leak of an encrypted password during a web-console operation.

5.3

CVE-2016-1223

  • EPSS 1.68%
  • Veröffentlicht 19.06.2016 01:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Directory traversal vulnerability in Trend Micro Office Scan 11.0, Worry-Free Business Security Service 5.x, and Worry-Free Business Security 9.0 allows remote attackers to read arbitrary files via unspecified vectors.

5

CVE-2010-0564

  • EPSS 1.39%
  • Veröffentlicht 10.02.2010 02:30:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Buffer overflow in Trend Micro URL Filtering Engine (TMUFE) in OfficeScan 8.0 before SP1 Patch 5 - Build 3510, possibly tmufeng.dll before 3.0.0.1029, allows attackers to cause a denial of service (crash or OfficeScan hang) via unspecified vectors. ...

2.1

CVE-2009-1435

Exploit
  • EPSS 0.45%
  • Veröffentlicht 27.04.2009 18:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

NTRtScan.exe in Trend Micro OfficeScan Client 8.0 SP1 and 8.0 SP1 Patch 1 allows local users to cause a denial of service (application crash) via directories with long pathnames. NOTE: some of these details are obtained from third party information.