Trend Micro: >> Officescan >> corporate_5.02 Security Vulnerabilities
Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable.
CVSS Score
9.3
EPSS Score
0.35
Published
2007-02-08
Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure.
CVSS Score
7.5
EPSS Score
0.07
Published
2005-05-02
Trend OfficeScan Corporate Edition 5.58 and possibly earler does not drop privileges when opening a help window from a virus detection pop-up window, which allows local users to gain SYSTEM privileges.
CVSS Score
7.2
EPSS Score
0.001
Published
2004-12-31
Trend Micro OfficeScan 3.0 - 6.0 has default permissions of "Everyone Full Control" on the installation directory and registry keys, which allows local users to disable virus protection.
CVSS Score
4.6
EPSS Score
0.001
Published
2004-05-07
Buffer overflow in pop3trap.exe for PC-cillin 2000, 2002, and 2003 allows local users to execute arbitrary code via a long input string to TCP port 110 (POP3).
CVSS Score
4.6
EPSS Score
0.003
Published
2002-12-18