Trend Micro: >> Serverprotect >> 1.25_2007-02-16 Security Vulnerabilities
Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 allows remote attackers to access arbitrary web pages and reconfigure the product via HTTP requests with the splx_2376_info cookie to the web interface port (14942/tcp).
CVSS Score
7.5
EPSS Score
0.013
Published
2007-03-02
The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 accepts logon requests through unencrypted HTTP, which might allow remote attackers to obtain credentials by sniffing the network.
CVSS Score
5.0
EPSS Score
0.002
Published
2007-03-02
Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure.
CVSS Score
7.5
EPSS Score
0.07
Published
2005-05-02