Search criteria
8 vulnerabilities found for officescan_corporate_edition by trend_micro
CVE-2008-1365 (GCVE-0-2008-1365)
Vulnerability from nvd – Published: 2008-03-17 22:00 – Updated: 2024-08-07 08:17
VLAI?
Summary
Stack-based buffer overflow in Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and earlier, and 7.3 Patch 3 build 1314 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long encrypted password, which triggers the overflow in (1) cgiChkMasterPwd.exe, (2) policyserver.exe as reachable through cgiABLogon.exe, and other vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.609Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-0702",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0702"
},
{
"name": "1019523",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019523"
},
{
"name": "28020",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28020"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/officescaz-adv.txt"
},
{
"name": "29124",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29124"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and earlier, and 7.3 Patch 3 build 1314 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long encrypted password, which triggers the overflow in (1) cgiChkMasterPwd.exe, (2) policyserver.exe as reachable through cgiABLogon.exe, and other vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-03-28T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2008-0702",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0702"
},
{
"name": "1019523",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019523"
},
{
"name": "28020",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28020"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/officescaz-adv.txt"
},
{
"name": "29124",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29124"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1365",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and earlier, and 7.3 Patch 3 build 1314 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long encrypted password, which triggers the overflow in (1) cgiChkMasterPwd.exe, (2) policyserver.exe as reachable through cgiABLogon.exe, and other vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2008-0702",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0702"
},
{
"name": "1019523",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019523"
},
{
"name": "28020",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28020"
},
{
"name": "http://aluigi.altervista.org/adv/officescaz-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/officescaz-adv.txt"
},
{
"name": "29124",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29124"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1365",
"datePublished": "2008-03-17T22:00:00",
"dateReserved": "2008-03-17T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.609Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1366 (GCVE-0-2008-1366)
Vulnerability from nvd – Published: 2008-03-17 22:00 – Updated: 2024-08-07 08:17
VLAI?
Summary
Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and earlier, and 7.3 Patch 3 build 1314 and earlier, allows remote attackers to cause a denial of service (process consumption) via (1) an HTTP request without a Content-Length header or (2) invalid characters in unspecified CGI arguments, which triggers a NULL pointer dereference.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-0702",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0702"
},
{
"name": "28020",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28020"
},
{
"name": "1019522",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019522"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/officescaz-adv.txt"
},
{
"name": "29124",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29124"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and earlier, and 7.3 Patch 3 build 1314 and earlier, allows remote attackers to cause a denial of service (process consumption) via (1) an HTTP request without a Content-Length header or (2) invalid characters in unspecified CGI arguments, which triggers a NULL pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-03-28T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2008-0702",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0702"
},
{
"name": "28020",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28020"
},
{
"name": "1019522",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019522"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/officescaz-adv.txt"
},
{
"name": "29124",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29124"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1366",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and earlier, and 7.3 Patch 3 build 1314 and earlier, allows remote attackers to cause a denial of service (process consumption) via (1) an HTTP request without a Content-Length header or (2) invalid characters in unspecified CGI arguments, which triggers a NULL pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2008-0702",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0702"
},
{
"name": "28020",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28020"
},
{
"name": "1019522",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019522"
},
{
"name": "http://aluigi.altervista.org/adv/officescaz-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/officescaz-adv.txt"
},
{
"name": "29124",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29124"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1366",
"datePublished": "2008-03-17T22:00:00",
"dateReserved": "2008-03-17T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0325 (GCVE-0-2007-0325)
Vulnerability from nvd – Published: 2007-02-20 17:00 – Updated: 2024-08-07 12:12
VLAI?
Summary
Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 before Build 1197, allow remote attackers to execute arbitrary code via a crafted HTML document.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:12:18.048Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034288"
},
{
"name": "22585",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22585"
},
{
"name": "VU#784369",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/784369"
},
{
"name": "ADV-2007-0638",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0638"
},
{
"name": "1017664",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017664"
},
{
"name": "24193",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24193"
},
{
"name": "33040",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33040"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_70_win_en_securitypatch_1344_readme.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 before Build 1197, allow remote attackers to execute arbitrary code via a crafted HTML document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034288"
},
{
"name": "22585",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22585"
},
{
"name": "VU#784369",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/784369"
},
{
"name": "ADV-2007-0638",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0638"
},
{
"name": "1017664",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017664"
},
{
"name": "24193",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24193"
},
{
"name": "33040",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33040"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_70_win_en_securitypatch_1344_readme.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-0325",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 before Build 1197, allow remote attackers to execute arbitrary code via a crafted HTML document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034288",
"refsource": "CONFIRM",
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034288"
},
{
"name": "22585",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22585"
},
{
"name": "VU#784369",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/784369"
},
{
"name": "ADV-2007-0638",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0638"
},
{
"name": "1017664",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017664"
},
{
"name": "24193",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24193"
},
{
"name": "33040",
"refsource": "OSVDB",
"url": "http://osvdb.org/33040"
},
{
"name": "http://www.trendmicro.com/ftp/documentation/readme/osce_70_win_en_securitypatch_1344_readme.txt",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_70_win_en_securitypatch_1344_readme.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-0325",
"datePublished": "2007-02-20T17:00:00",
"dateReserved": "2007-01-17T00:00:00",
"dateUpdated": "2024-08-07T12:12:18.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5211 (GCVE-0-2006-5211)
Vulnerability from nvd – Published: 2006-10-09 21:00 – Updated: 2024-08-07 19:41
VLAI?
Summary
Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to remove OfficeScan clients via a certain HTTP request that invokes the OfficeScan CGI program.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.035Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20330",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20330"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_70_win_en_securitypatch_1257_readme.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_7.3_win_en_securitypatch_1053_readme.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/csm_2.0_osce_6.0_win_en_securitypatch_1385_readme.txt"
},
{
"name": "ADV-2006-3882",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3882"
},
{
"name": "22156",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22156"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/download/product.asp?productid=5"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_6.5_win_en_securitypatch_1418_readme.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-04-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to remove OfficeScan clients via a certain HTTP request that invokes the OfficeScan CGI program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20330",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20330"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_70_win_en_securitypatch_1257_readme.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_7.3_win_en_securitypatch_1053_readme.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/csm_2.0_osce_6.0_win_en_securitypatch_1385_readme.txt"
},
{
"name": "ADV-2006-3882",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3882"
},
{
"name": "22156",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22156"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/download/product.asp?productid=5"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_6.5_win_en_securitypatch_1418_readme.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5211",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to remove OfficeScan clients via a certain HTTP request that invokes the OfficeScan CGI program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20330",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20330"
},
{
"name": "http://www.trendmicro.com/ftp/documentation/readme/osce_70_win_en_securitypatch_1257_readme.txt",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_70_win_en_securitypatch_1257_readme.txt"
},
{
"name": "http://www.trendmicro.com/ftp/documentation/readme/osce_7.3_win_en_securitypatch_1053_readme.txt",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_7.3_win_en_securitypatch_1053_readme.txt"
},
{
"name": "http://www.trendmicro.com/ftp/documentation/readme/csm_2.0_osce_6.0_win_en_securitypatch_1385_readme.txt",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/ftp/documentation/readme/csm_2.0_osce_6.0_win_en_securitypatch_1385_readme.txt"
},
{
"name": "ADV-2006-3882",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3882"
},
{
"name": "22156",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22156"
},
{
"name": "http://www.trendmicro.com/download/product.asp?productid=5",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/download/product.asp?productid=5"
},
{
"name": "http://www.trendmicro.com/ftp/documentation/readme/osce_6.5_win_en_securitypatch_1418_readme.txt",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_6.5_win_en_securitypatch_1418_readme.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5211",
"datePublished": "2006-10-09T21:00:00",
"dateReserved": "2006-10-09T00:00:00",
"dateUpdated": "2024-08-07T19:41:05.035Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1365 (GCVE-0-2008-1365)
Vulnerability from cvelistv5 – Published: 2008-03-17 22:00 – Updated: 2024-08-07 08:17
VLAI?
Summary
Stack-based buffer overflow in Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and earlier, and 7.3 Patch 3 build 1314 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long encrypted password, which triggers the overflow in (1) cgiChkMasterPwd.exe, (2) policyserver.exe as reachable through cgiABLogon.exe, and other vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.609Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-0702",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0702"
},
{
"name": "1019523",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019523"
},
{
"name": "28020",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28020"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/officescaz-adv.txt"
},
{
"name": "29124",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29124"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and earlier, and 7.3 Patch 3 build 1314 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long encrypted password, which triggers the overflow in (1) cgiChkMasterPwd.exe, (2) policyserver.exe as reachable through cgiABLogon.exe, and other vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-03-28T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2008-0702",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0702"
},
{
"name": "1019523",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019523"
},
{
"name": "28020",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28020"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/officescaz-adv.txt"
},
{
"name": "29124",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29124"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1365",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and earlier, and 7.3 Patch 3 build 1314 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long encrypted password, which triggers the overflow in (1) cgiChkMasterPwd.exe, (2) policyserver.exe as reachable through cgiABLogon.exe, and other vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2008-0702",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0702"
},
{
"name": "1019523",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019523"
},
{
"name": "28020",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28020"
},
{
"name": "http://aluigi.altervista.org/adv/officescaz-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/officescaz-adv.txt"
},
{
"name": "29124",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29124"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1365",
"datePublished": "2008-03-17T22:00:00",
"dateReserved": "2008-03-17T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.609Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1366 (GCVE-0-2008-1366)
Vulnerability from cvelistv5 – Published: 2008-03-17 22:00 – Updated: 2024-08-07 08:17
VLAI?
Summary
Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and earlier, and 7.3 Patch 3 build 1314 and earlier, allows remote attackers to cause a denial of service (process consumption) via (1) an HTTP request without a Content-Length header or (2) invalid characters in unspecified CGI arguments, which triggers a NULL pointer dereference.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-0702",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0702"
},
{
"name": "28020",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28020"
},
{
"name": "1019522",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019522"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/officescaz-adv.txt"
},
{
"name": "29124",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29124"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and earlier, and 7.3 Patch 3 build 1314 and earlier, allows remote attackers to cause a denial of service (process consumption) via (1) an HTTP request without a Content-Length header or (2) invalid characters in unspecified CGI arguments, which triggers a NULL pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-03-28T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2008-0702",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0702"
},
{
"name": "28020",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28020"
},
{
"name": "1019522",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019522"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/officescaz-adv.txt"
},
{
"name": "29124",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29124"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1366",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and earlier, and 7.3 Patch 3 build 1314 and earlier, allows remote attackers to cause a denial of service (process consumption) via (1) an HTTP request without a Content-Length header or (2) invalid characters in unspecified CGI arguments, which triggers a NULL pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2008-0702",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0702"
},
{
"name": "28020",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28020"
},
{
"name": "1019522",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019522"
},
{
"name": "http://aluigi.altervista.org/adv/officescaz-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/officescaz-adv.txt"
},
{
"name": "29124",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29124"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1366",
"datePublished": "2008-03-17T22:00:00",
"dateReserved": "2008-03-17T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0325 (GCVE-0-2007-0325)
Vulnerability from cvelistv5 – Published: 2007-02-20 17:00 – Updated: 2024-08-07 12:12
VLAI?
Summary
Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 before Build 1197, allow remote attackers to execute arbitrary code via a crafted HTML document.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:12:18.048Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034288"
},
{
"name": "22585",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22585"
},
{
"name": "VU#784369",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/784369"
},
{
"name": "ADV-2007-0638",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0638"
},
{
"name": "1017664",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017664"
},
{
"name": "24193",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24193"
},
{
"name": "33040",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33040"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_70_win_en_securitypatch_1344_readme.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 before Build 1197, allow remote attackers to execute arbitrary code via a crafted HTML document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034288"
},
{
"name": "22585",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22585"
},
{
"name": "VU#784369",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/784369"
},
{
"name": "ADV-2007-0638",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0638"
},
{
"name": "1017664",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017664"
},
{
"name": "24193",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24193"
},
{
"name": "33040",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33040"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_70_win_en_securitypatch_1344_readme.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-0325",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 before Build 1197, allow remote attackers to execute arbitrary code via a crafted HTML document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034288",
"refsource": "CONFIRM",
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034288"
},
{
"name": "22585",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22585"
},
{
"name": "VU#784369",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/784369"
},
{
"name": "ADV-2007-0638",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0638"
},
{
"name": "1017664",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017664"
},
{
"name": "24193",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24193"
},
{
"name": "33040",
"refsource": "OSVDB",
"url": "http://osvdb.org/33040"
},
{
"name": "http://www.trendmicro.com/ftp/documentation/readme/osce_70_win_en_securitypatch_1344_readme.txt",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_70_win_en_securitypatch_1344_readme.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-0325",
"datePublished": "2007-02-20T17:00:00",
"dateReserved": "2007-01-17T00:00:00",
"dateUpdated": "2024-08-07T12:12:18.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5211 (GCVE-0-2006-5211)
Vulnerability from cvelistv5 – Published: 2006-10-09 21:00 – Updated: 2024-08-07 19:41
VLAI?
Summary
Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to remove OfficeScan clients via a certain HTTP request that invokes the OfficeScan CGI program.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.035Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20330",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20330"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_70_win_en_securitypatch_1257_readme.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_7.3_win_en_securitypatch_1053_readme.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/csm_2.0_osce_6.0_win_en_securitypatch_1385_readme.txt"
},
{
"name": "ADV-2006-3882",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3882"
},
{
"name": "22156",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22156"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/download/product.asp?productid=5"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_6.5_win_en_securitypatch_1418_readme.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-04-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to remove OfficeScan clients via a certain HTTP request that invokes the OfficeScan CGI program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20330",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20330"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_70_win_en_securitypatch_1257_readme.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_7.3_win_en_securitypatch_1053_readme.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/csm_2.0_osce_6.0_win_en_securitypatch_1385_readme.txt"
},
{
"name": "ADV-2006-3882",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3882"
},
{
"name": "22156",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22156"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/download/product.asp?productid=5"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_6.5_win_en_securitypatch_1418_readme.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5211",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to remove OfficeScan clients via a certain HTTP request that invokes the OfficeScan CGI program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20330",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20330"
},
{
"name": "http://www.trendmicro.com/ftp/documentation/readme/osce_70_win_en_securitypatch_1257_readme.txt",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_70_win_en_securitypatch_1257_readme.txt"
},
{
"name": "http://www.trendmicro.com/ftp/documentation/readme/osce_7.3_win_en_securitypatch_1053_readme.txt",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_7.3_win_en_securitypatch_1053_readme.txt"
},
{
"name": "http://www.trendmicro.com/ftp/documentation/readme/csm_2.0_osce_6.0_win_en_securitypatch_1385_readme.txt",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/ftp/documentation/readme/csm_2.0_osce_6.0_win_en_securitypatch_1385_readme.txt"
},
{
"name": "ADV-2006-3882",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3882"
},
{
"name": "22156",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22156"
},
{
"name": "http://www.trendmicro.com/download/product.asp?productid=5",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/download/product.asp?productid=5"
},
{
"name": "http://www.trendmicro.com/ftp/documentation/readme/osce_6.5_win_en_securitypatch_1418_readme.txt",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/ftp/documentation/readme/osce_6.5_win_en_securitypatch_1418_readme.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5211",
"datePublished": "2006-10-09T21:00:00",
"dateReserved": "2006-10-09T00:00:00",
"dateUpdated": "2024-08-07T19:41:05.035Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}