Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
trendmicro officescan 11.0 vulnerabilities and exploits
(subscribe to this query)
4.4
CVSSv3
CVE-2018-10507
A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a malicious user to take a series of steps to bypass or render the OfficeScan Unauthorized Change Prevention inoperable on vulnerable installations. An attacker must already have administrator privileges in ord...
Trendmicro Officescan Xg
Trendmicro Officescan 11.0
1 EDB exploit
8.8
CVSSv3
CVE-2018-10509
A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a malicious user to exploit it via a Browser Refresh attack on vulnerable installations. An attacker must be using a AD logon user account in order to exploit this vulnerability.
Trendmicro Officescan 11.0
Trendmicro Officescan Xg
6.3
CVSSv3
CVE-2018-10359
A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local malicious user to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x220078 in the TMWFP driver. An attacker must first o...
Trendmicro Officescan 11.0
Trendmicro Officescan Xg
9.8
CVSSv3
CVE-2017-11393
Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote malicious users to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the tr parameter within Proxy.php. Formerly ZDI-CAN-4543.
Trendmicro Officescan 11.0
Trendmicro Officescan 12.0
9.8
CVSSv3
CVE-2017-11394
Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote malicious users to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the T parameter within Proxy.php. Formerly ZDI-CAN-4544.
Trendmicro Officescan 11.0
Trendmicro Officescan 12.0
1 EDB exploit
5.3
CVSSv3
CVE-2017-14085
Information disclosure vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to query the network's NT domain or the PHP version and modules.
Trendmicro Officescan 11.0
Trendmicro Officescan 12.0
1 EDB exploit
7.5
CVSSv3
CVE-2017-14086
Pre-authorization Start Remote Process vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to start the fcgiOfcDDA.exe executable or cause a potential INI corruption, which may cause the server disk space to b...
Trendmicro Officescan 12.0
Trendmicro Officescan 11.0
1 EDB exploit
8.8
CVSSv3
CVE-2017-5481
Trend Micro OfficeScan 11.0 before SP1 CP 6325 and XG before CP 1352 allows remote authenticated users to gain privileges by leveraging a leak of an encrypted password during a web-console operation.
Trendmicro Officescan 12.0
Trendmicro Officescan 11.0
7.5
CVSSv3
CVE-2019-18187
Trend Micro OfficeScan versions 11.0 and XG (12.0) could be exploited by an attacker utilizing a directory traversal vulnerability to extract files from an arbitrary zip file to a specific folder on the OfficeScan server, which could potentially lead to remote code execution (RCE...
Trendmicro Officescan Xg
Trendmicro Officescan 11.0
6.1
CVSSv3
CVE-2017-8801
Trend Micro OfficeScan 11.0 before SP1 CP 6325 (with Agent Module Build prior to 6152) and XG before CP 1352 has XSS via a crafted URI using a blocked website.
Trendmicro Officescan 12.0
Trendmicro Officescan 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »