Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
officescan vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-2430
Trend OfficeScan Corporate Edition 5.58 and possibly earler does not drop privileges when opening a help window from a virus detection pop-up window, which allows local users to gain SYSTEM privileges.
Trend Micro Officescan 3.0
Trend Micro Officescan Corporate 3.11
Trend Micro Officescan Corporate 3.54
Trend Micro Officescan Corporate 5.02
Trend Micro Officescan Corporate 5.5
Trend Micro Officescan Corporate 5.58
Trend Micro Officescan Corporate 3.13
Trend Micro Officescan Corporate 3.5
NA
CVE-2004-2006
Trend Micro OfficeScan 3.0 - 6.0 has default permissions of "Everyone Full Control" on the installation directory and registry keys, which allows local users to disable virus protection.
Trend Micro Officescan 3.0
Trend Micro Officescan Corporate 5.02
Trend Micro Officescan Corporate 5.58
Trend Micro Officescan Corporate 3.5
Trend Micro Officescan Corporate 3.54
Trend Micro Officescan Corporate 3.11
Trend Micro Officescan Corporate 3.13
NA
CVE-2006-5212
Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 prior to 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 prior to 6.5.0.1418, 7.0 prior to 7.0.0.1257, and 7.3 prior to 7.3.0.1053 allow remote malicious users to delete files via a modified fil...
Trend Micro Officescan 6.0
Trend Micro Officescan Corporate 6.5
Trend Micro Officescan Corporate 7.0
Trend Micro Officescan Corporate 7.3
7.5
CVSSv3
CVE-2017-14086
Pre-authorization Start Remote Process vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to start the fcgiOfcDDA.exe executable or cause a potential INI corruption, which may cause the server disk space to b...
Trendmicro Officescan 12.0
Trendmicro Officescan 11.0
1 EDB exploit
7.5
CVSSv3
CVE-2017-14087
A Host Header Injection vulnerability in Trend Micro OfficeScan XG (12.0) may allow an malicious user to spoof a particular Host header, allowing the malicious user to render arbitrary links that point to a malicious website with poisoned Host header webpages.
Trendmicro Officescan 11.0
Trendmicro Officescan 12.0
1 EDB exploit
9.8
CVSSv3
CVE-2017-14089
An Unauthorized Memory Corruption vulnerability in Trend Micro OfficeScan 11.0 and XG may allow remote unauthenticated users who can access the OfficeScan server to target cgiShowClientAdm.exe and cause memory corruption issues.
Trendmicro Officescan 12.0
Trendmicro Officescan 11.0
1 EDB exploit
6.3
CVSSv3
CVE-2018-10358
A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local malicious user to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x2200B4 in the TMWFP driver. An attacker must first o...
Trendmicro Officescan Xg
Trendmicro Officescan 11.0
6.3
CVSSv3
CVE-2018-10359
A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local malicious user to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x220078 in the TMWFP driver. An attacker must first o...
Trendmicro Officescan 11.0
Trendmicro Officescan Xg
6.3
CVSSv3
CVE-2018-10505
A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local malicious user to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x220008 in the TMWFP driver. An attacker must first o...
Trendmicro Officescan Xg
Trendmicro Officescan 11.0
8.1
CVSSv3
CVE-2017-14084
A potential Man-in-the-Middle (MitM) attack vulnerability in Trend Micro OfficeScan 11.0 and XG may allow malicious users to execute arbitrary code on vulnerable installations.
Trendmicro Officescan 12.0
Trendmicro Officescan 11.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »