Vulnerability Details CVE-2001-1151
Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 allows remote attackers to access sensitive information from the hotdownload directory without authentication, such as the ofcscan.ini configuration file, which contains a weakly encrypted password.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 77.0%
CVSS Severity
CVSS v2 Score 5.0
References
- http://www.securityfocus.com/archive/1/220666
- http://www.trendmicro.co.jp/esolution/solutionDetail.asp?solutionID=318
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7286
- http://www.securityfocus.com/archive/1/220666
- http://www.trendmicro.co.jp/esolution/solutionDetail.asp?solutionID=318
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7286
Products affected by CVE-2001-1151
-
cpe:2.3:a:trend_micro:officescan:corporate_3.53
-
cpe:2.3:a:trend_micro:virus_buster:corporate_3.53