cvelist | Trendmicro | CVELIST:CVE-2019-18187
History: Oct 28, 2019 - 7:28 p.m.

CVE-2019-18187

2019-10-28 19:28:32
trendmicro
www.cve.org
3

EPSS: 0.113

Percentile: 95.2%

Trend Micro OfficeScan versions 11.0 and XG (12.0) could be exploited by an attacker utilizing a directory traversal vulnerability to extract files from an arbitrary zip file to a specific folder on the OfficeScan server, which could potentially lead to remote code execution (RCE). The remote process execution is bound to a web service account, which, depending on the web platform used, may have restricted permissions. An attempted attack requires user authentication.

CNA Affected

[
  {
    "product": "Trend Micro OfficeScan",
    "vendor": "Trend Micro",
    "versions": [
      {
        "status": "affected",
        "version": "Version 11.0, XG (12.0)"
      }
    ]
  }
]