Officescan@8.0 Security Vulnerabilities and Issues — Officescan@8.0 CVE List

Lucene search

Trend MicroOfficescan8.0

10 matches found

CVE•added 2008/10/23 10:0 p.m.•48 views

CVE-2008-3862

Stack-based buffer overflow in CGI programs in the server in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1374, and 8.0 SP1 Patch 1 before build 3110, allows remote attackers to execute arbitrary code via an HTTP POST request containing crafted form data, related to "parsin...

10CVSS7.8AI score0.40423EPSS

CVE•added 2008/09/16 10:0 p.m.•45 views

CVE-2008-2437

Stack-based buffer overflow in cgiRecvFile.exe in Trend Micro OfficeScan 7.3 patch 4 build 1362 and other builds, OfficeScan 8.0 and 8.0 SP1, and Client Server Messaging Security 3.6 allows remote attackers to execute arbitrary code via an HTTP request containing a long ComputerName parameter.

10CVSS7.8AI score0.29747EPSS

CVE•added 2007/06/27 12:30 a.m.•44 views

CVE-2007-3455

cgiChkMasterPwd.exe before 8.0.0.142 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote attackers to bypass the password requirement and gain access to the Management Console via an empty hash and empty encrypted password string, related to "stored decrypted user logon information."

10CVSS7AI score0.01526EPSS

CVE•added 2007/06/27 12:30 a.m.•41 views

CVE-2007-3454

Stack-based buffer overflow in CGIOCommon.dll before 8.0.0.1042 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote attackers to execute arbitrary code via long crafted requests, as demonstrated using a long session cookie to unspecified CGI programs that use this library.

10CVSS7.9AI score0.19743EPSS

CVE•added 2008/10/03 3:7 p.m.•37 views

CVE-2008-4402

Multiple buffer overflows in CGI modules in the server in Trend Micro OfficeScan 8.0 SP1 before build 2439 and 8.0 SP1 Patch 1 before build 3087 allow remote attackers to execute arbitrary code via unspecified vectors.

10CVSS7.9AI score0.15574EPSS

CVE•added 2008/10/03 3:7 p.m.•34 views

CVE-2008-2439

Directory traversal vulnerability in the UpdateAgent function in TmListen.exe in the OfficeScanNT Listener service in the client in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1372, OfficeScan 8.0 SP1 before build 1222, OfficeScan 8.0 SP1 Patch 1 before build 3087, and Wor...

5CVSS6.7AI score0.44618EPSS

CVE•added 2009/01/21 8:30 p.m.•33 views

CVE-2008-3866

The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, relies on client-side password protection implemented in the configuration GUI, which a...

4.6CVSS6.5AI score0.00142EPSS

CVE•added 2009/01/21 8:30 p.m.•31 views

CVE-2008-3864

The ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allows remote attackers to cause a denial of service (service crash) via a packet ...

5CVSS6.7AI score0.01657EPSS

CVE•added 2009/01/21 8:30 p.m.•31 views

CVE-2008-3865

Multiple heap-based buffer overflows in the ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allow remote attackers to execute arbitrar...

10CVSS7.9AI score0.29345EPSS

CVE•added 2008/10/03 3:7 p.m.•27 views

CVE-2008-4403

The CGI modules in the server in Trend Micro OfficeScan 8.0 SP1 before build 2439 and 8.0 SP1 Patch 1 before build 3087 allow remote attackers to cause a denial of service (NULL pointer dereference and child process crash) via crafted HTTP headers, related to the "error handling mechanism."

5CVSS6.6AI score0.03855EPSS