{"id": "EDB-ID:22171", "type": "exploitdb", "bulletinFamily": "exploit", "title": "Trend Micro OfficeScan 3.x CGI Directory Insufficient Permissions Vulnerability", "description": "Trend Micro OfficeScan 3.x CGI Directory Insufficient Permissions Vulnerability. CVE-2003-1341. Remote exploit for windows platform", "published": "2003-01-15T00:00:00", "modified": "2003-01-15T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/22171/", "reporter": "Rod Boron", "references": [], "cvelist": ["CVE-2003-1341"], "lastseen": "2016-02-02T18:08:18", "viewCount": 5, "enchantments": {"score": {"value": 5.7, "vector": "NONE", "modified": "2016-02-02T18:08:18", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2003-1341"]}], "modified": "2016-02-02T18:08:18", "rev": 2}, "vulnersScore": 5.7}, "sourceHref": "https://www.exploit-db.com/download/22171/", "sourceData": "source: http://www.securityfocus.com/bid/6616/info\r\n\r\nA vulnerability has been reported for Trend Micro OfficeScan that may allow attackers to access programs residing in the cgi directory of the OfficeScan installation.\r\n\r\nhttp://x.x.x.x/officescan/cgi/cgiMasterPwd.exe", "osvdbidlist": ["6181"]}

{"cve": [{"lastseen": "2020-10-03T11:33:03", "description": "The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe.", "edition": 3, "cvss3": {}, "published": "2003-12-31T05:00:00", "title": "CVE-2003-1341", "type": "cve", "cwe": ["CWE-16"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2003-1341"], "modified": "2017-07-29T01:29:00", "cpe": ["cpe:/a:trend_micro:officescan:3.5", "cpe:/a:trend_micro:virus_buster:3.53", "cpe:/a:trend_micro:officescan:3.1.1", "cpe:/a:trend_micro:officescan:3.11", "cpe:/a:trend_micro:virus_buster:3.52", "cpe:/a:trend_micro:officescan:3.54", "cpe:/a:trend_micro:officescan:3.13", "cpe:/a:trend_micro:virus_buster:3.54", "cpe:/a:trend_micro:officescan:3.0"], "id": "CVE-2003-1341", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-1341", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:trend_micro:virus_buster:3.53:*:corporate:*:*:*:*:*", "cpe:2.3:a:trend_micro:officescan:3.13:*:corporate_for_windows_nt_server:*:*:*:*:*", "cpe:2.3:a:trend_micro:officescan:3.1.1:*:corporate_for_windows_nt_server:*:*:*:*:*", "cpe:2.3:a:trend_micro:officescan:3.5:*:corporate_for_windows_nt_server:*:*:*:*:*", "cpe:2.3:a:trend_micro:officescan:3.0:*:corporate:*:*:*:*:*", "cpe:2.3:a:trend_micro:virus_buster:3.52:*:corporate:*:*:*:*:*", "cpe:2.3:a:trend_micro:officescan:3.11:*:corporate:*:*:*:*:*", "cpe:2.3:a:trend_micro:officescan:3.5:*:corporate:*:*:*:*:*", "cpe:2.3:a:trend_micro:virus_buster:3.54:*:corporate:*:*:*:*:*", "cpe:2.3:a:trend_micro:officescan:3.54:*:corporate:*:*:*:*:*", "cpe:2.3:a:trend_micro:officescan:3.0:*:corporate_for_windows_nt_server:*:*:*:*:*", "cpe:2.3:a:trend_micro:officescan:3.11:*:corporate_for_windows_nt_server:*:*:*:*:*", "cpe:2.3:a:trend_micro:officescan:3.13:*:corporate:*:*:*:*:*"]}]}