Lucene search

K
TrendmicroOfficescan

7 matches found

CVE
CVE
added 2017/10/06 1:29 a.m.64 views

CVE-2017-14087

A Host Header Injection vulnerability in Trend Micro OfficeScan XG (12.0) may allow an attacker to spoof a particular Host header, allowing the attacker to render arbitrary links that point to a malicious website with poisoned Host header webpages.

7.5CVSS7.5AI score0.22458EPSS
CVE
CVE
added 2017/10/06 1:29 a.m.63 views

CVE-2017-14083

A vulnerability in Trend Micro OfficeScan 11.0 and XG allows remote unauthenticated users who can access the system to download the OfficeScan encryption file.

7.5CVSS7.5AI score0.12935EPSS
CVE
CVE
added 2017/10/06 1:29 a.m.58 views

CVE-2017-14084

A potential Man-in-the-Middle (MitM) attack vulnerability in Trend Micro OfficeScan 11.0 and XG may allow attackers to execute arbitrary code on vulnerable installations.

8.1CVSS8.2AI score0.11048EPSS
CVE
CVE
added 2017/10/06 1:29 a.m.58 views

CVE-2017-14089

An Unauthorized Memory Corruption vulnerability in Trend Micro OfficeScan 11.0 and XG may allow remote unauthenticated users who can access the OfficeScan server to target cgiShowClientAdm.exe and cause memory corruption issues.

9.8CVSS9.5AI score0.31502EPSS
CVE
CVE
added 2017/10/06 1:29 a.m.57 views

CVE-2017-14086

Pre-authorization Start Remote Process vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to start the fcgiOfcDDA.exe executable or cause a potential INI corruption, which may cause the server disk space to be consumed with dum...

7.8CVSS7.7AI score0.21532EPSS
CVE
CVE
added 2017/10/06 1:29 a.m.50 views

CVE-2017-14088

Memory Corruption Privilege Escalation vulnerabilities in Trend Micro OfficeScan 11.0 and XG allows local attackers to execute arbitrary code and escalate privileges to resources normally reserved for the kernel on vulnerable installations by exploiting tmwfp.sys. An attacker must first obtain the ...

7CVSS7.4AI score0.00119EPSS
CVE
CVE
added 2017/10/06 1:29 a.m.49 views

CVE-2017-14085

Information disclosure vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to query the network's NT domain or the PHP version and modules.

5.3CVSS5.8AI score0.11269EPSS