Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for virus_buster by trend_micro

    CVE-2003-1341 (GCVE-0-2003-1341)

    Vulnerability from cvelistv5 – Published: 2007-10-14 19:00 – Updated: 2024-08-08 02:28
    VLAI
    Summary
    The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/6181 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/7881 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://kb.trendmicro.com/solutions/solutionDetail… x_refsource_CONFIRM
    http://archives.neohapsis.com/archives/vulnwatch/… mailing-listx_refsource_VULNWATCH
    http://www.securityfocus.com/bid/6616 vdb-entryx_refsource_BID
    Date Public
    2003-01-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:28:02.845Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "6181",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/6181"
              },
              {
                "name": "7881",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/7881"
              },
              {
                "name": "officescan-cgichkmasterpwd-auth-bypass(11059)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11059"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13353"
              },
              {
                "name": "20030114 Assorted Trend Vulns Rev 2.0",
                "tags": [
                  "mailing-list",
                  "x_refsource_VULNWATCH",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0020.html"
              },
              {
                "name": "6616",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/6616"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-01-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "6181",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/6181"
            },
            {
              "name": "7881",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/7881"
            },
            {
              "name": "officescan-cgichkmasterpwd-auth-bypass(11059)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11059"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13353"
            },
            {
              "name": "20030114 Assorted Trend Vulns Rev 2.0",
              "tags": [
                "mailing-list",
                "x_refsource_VULNWATCH"
              ],
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0020.html"
            },
            {
              "name": "6616",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/6616"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-1341",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "6181",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/6181"
                },
                {
                  "name": "7881",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/7881"
                },
                {
                  "name": "officescan-cgichkmasterpwd-auth-bypass(11059)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11059"
                },
                {
                  "name": "http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13353",
                  "refsource": "CONFIRM",
                  "url": "http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13353"
                },
                {
                  "name": "20030114 Assorted Trend Vulns Rev 2.0",
                  "refsource": "VULNWATCH",
                  "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0020.html"
                },
                {
                  "name": "6616",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/6616"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-1341",
        "datePublished": "2007-10-14T19:00:00.000Z",
        "dateReserved": "2007-10-14T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:28:02.845Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-1150 (GCVE-0-2001-1150)

    Vulnerability from cvelistv5 – Published: 2002-03-15 05:00 – Updated: 2024-08-08 04:44
    VLAI
    Summary
    Vulnerability in cgiWebupdate.exe in Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.5.2 through 3.5.4 allows remote attackers to read arbitrary files.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.iss.net/security_center/static/7014.php vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/210087 mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/209375 mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/3216 vdb-entryx_refsource_BID
    Date Public
    2001-08-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:44:08.063Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "officescan-iuser-read-files(7014)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/7014.php"
              },
              {
                "name": "20010824 [SNS Advisory No.40] TrendMicro OfficeScan Corp Edition ver.3.54 Remote read file of IUSER authority Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/210087"
              },
              {
                "name": "20010822 [SNS Advisory No.38] Trend Micro Virus Buster (Ver.3.5x) Remote",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/209375"
              },
              {
                "name": "3216",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/3216"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-08-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerability in cgiWebupdate.exe in Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.5.2 through 3.5.4 allows remote attackers to read arbitrary files."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2002-03-22T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "officescan-iuser-read-files(7014)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/7014.php"
            },
            {
              "name": "20010824 [SNS Advisory No.40] TrendMicro OfficeScan Corp Edition ver.3.54 Remote read file of IUSER authority Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/210087"
            },
            {
              "name": "20010822 [SNS Advisory No.38] Trend Micro Virus Buster (Ver.3.5x) Remote",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/209375"
            },
            {
              "name": "3216",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/3216"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-1150",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerability in cgiWebupdate.exe in Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.5.2 through 3.5.4 allows remote attackers to read arbitrary files."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "officescan-iuser-read-files(7014)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/7014.php"
                },
                {
                  "name": "20010824 [SNS Advisory No.40] TrendMicro OfficeScan Corp Edition ver.3.54 Remote read file of IUSER authority Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/210087"
                },
                {
                  "name": "20010822 [SNS Advisory No.38] Trend Micro Virus Buster (Ver.3.5x) Remote",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/209375"
                },
                {
                  "name": "3216",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/3216"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-1150",
        "datePublished": "2002-03-15T05:00:00.000Z",
        "dateReserved": "2002-03-15T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:44:08.063Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-1151 (GCVE-0-2001-1151)

    Vulnerability from cvelistv5 – Published: 2002-03-15 05:00 – Updated: 2024-08-08 04:44
    VLAI
    Summary
    Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 allows remote attackers to access sensitive information from the hotdownload directory without authentication, such as the ofcscan.ini configuration file, which contains a weakly encrypted password.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2001-08-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:44:08.135Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.trendmicro.co.jp/esolution/solutionDetail.asp?solutionID=318"
              },
              {
                "name": "officescan-config-file-access(7286)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7286"
              },
              {
                "name": "20011015 [SNS Advisory No.44] Trend Micro OfficeScan Corporate Edition(Virus Buster Corporate Edition)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/220666"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-08-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 allows remote attackers to access sensitive information from the hotdownload directory without authentication, such as the ofcscan.ini configuration file, which contains a weakly encrypted password."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-12-18T21:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.trendmicro.co.jp/esolution/solutionDetail.asp?solutionID=318"
            },
            {
              "name": "officescan-config-file-access(7286)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7286"
            },
            {
              "name": "20011015 [SNS Advisory No.44] Trend Micro OfficeScan Corporate Edition(Virus Buster Corporate Edition)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/220666"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-1151",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 allows remote attackers to access sensitive information from the hotdownload directory without authentication, such as the ofcscan.ini configuration file, which contains a weakly encrypted password."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.trendmicro.co.jp/esolution/solutionDetail.asp?solutionID=318",
                  "refsource": "MISC",
                  "url": "http://www.trendmicro.co.jp/esolution/solutionDetail.asp?solutionID=318"
                },
                {
                  "name": "officescan-config-file-access(7286)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7286"
                },
                {
                  "name": "20011015 [SNS Advisory No.44] Trend Micro OfficeScan Corporate Edition(Virus Buster Corporate Edition)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/220666"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-1151",
        "datePublished": "2002-03-15T05:00:00.000Z",
        "dateReserved": "2002-03-15T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:44:08.135Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-1341 (GCVE-0-2003-1341)

    Vulnerability from nvd – Published: 2007-10-14 19:00 – Updated: 2024-08-08 02:28
    VLAI
    Summary
    The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/6181 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/7881 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://kb.trendmicro.com/solutions/solutionDetail… x_refsource_CONFIRM
    http://archives.neohapsis.com/archives/vulnwatch/… mailing-listx_refsource_VULNWATCH
    http://www.securityfocus.com/bid/6616 vdb-entryx_refsource_BID
    Date Public
    2003-01-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:28:02.845Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "6181",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/6181"
              },
              {
                "name": "7881",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/7881"
              },
              {
                "name": "officescan-cgichkmasterpwd-auth-bypass(11059)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11059"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13353"
              },
              {
                "name": "20030114 Assorted Trend Vulns Rev 2.0",
                "tags": [
                  "mailing-list",
                  "x_refsource_VULNWATCH",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0020.html"
              },
              {
                "name": "6616",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/6616"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-01-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "6181",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/6181"
            },
            {
              "name": "7881",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/7881"
            },
            {
              "name": "officescan-cgichkmasterpwd-auth-bypass(11059)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11059"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13353"
            },
            {
              "name": "20030114 Assorted Trend Vulns Rev 2.0",
              "tags": [
                "mailing-list",
                "x_refsource_VULNWATCH"
              ],
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0020.html"
            },
            {
              "name": "6616",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/6616"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-1341",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "6181",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/6181"
                },
                {
                  "name": "7881",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/7881"
                },
                {
                  "name": "officescan-cgichkmasterpwd-auth-bypass(11059)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11059"
                },
                {
                  "name": "http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13353",
                  "refsource": "CONFIRM",
                  "url": "http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13353"
                },
                {
                  "name": "20030114 Assorted Trend Vulns Rev 2.0",
                  "refsource": "VULNWATCH",
                  "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0020.html"
                },
                {
                  "name": "6616",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/6616"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-1341",
        "datePublished": "2007-10-14T19:00:00.000Z",
        "dateReserved": "2007-10-14T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:28:02.845Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-1151 (GCVE-0-2001-1151)

    Vulnerability from nvd – Published: 2002-03-15 05:00 – Updated: 2024-08-08 04:44
    VLAI
    Summary
    Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 allows remote attackers to access sensitive information from the hotdownload directory without authentication, such as the ofcscan.ini configuration file, which contains a weakly encrypted password.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2001-08-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:44:08.135Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.trendmicro.co.jp/esolution/solutionDetail.asp?solutionID=318"
              },
              {
                "name": "officescan-config-file-access(7286)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7286"
              },
              {
                "name": "20011015 [SNS Advisory No.44] Trend Micro OfficeScan Corporate Edition(Virus Buster Corporate Edition)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/220666"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-08-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 allows remote attackers to access sensitive information from the hotdownload directory without authentication, such as the ofcscan.ini configuration file, which contains a weakly encrypted password."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-12-18T21:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.trendmicro.co.jp/esolution/solutionDetail.asp?solutionID=318"
            },
            {
              "name": "officescan-config-file-access(7286)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7286"
            },
            {
              "name": "20011015 [SNS Advisory No.44] Trend Micro OfficeScan Corporate Edition(Virus Buster Corporate Edition)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/220666"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-1151",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 allows remote attackers to access sensitive information from the hotdownload directory without authentication, such as the ofcscan.ini configuration file, which contains a weakly encrypted password."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.trendmicro.co.jp/esolution/solutionDetail.asp?solutionID=318",
                  "refsource": "MISC",
                  "url": "http://www.trendmicro.co.jp/esolution/solutionDetail.asp?solutionID=318"
                },
                {
                  "name": "officescan-config-file-access(7286)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7286"
                },
                {
                  "name": "20011015 [SNS Advisory No.44] Trend Micro OfficeScan Corporate Edition(Virus Buster Corporate Edition)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/220666"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-1151",
        "datePublished": "2002-03-15T05:00:00.000Z",
        "dateReserved": "2002-03-15T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:44:08.135Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-1150 (GCVE-0-2001-1150)

    Vulnerability from nvd – Published: 2002-03-15 05:00 – Updated: 2024-08-08 04:44
    VLAI
    Summary
    Vulnerability in cgiWebupdate.exe in Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.5.2 through 3.5.4 allows remote attackers to read arbitrary files.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.iss.net/security_center/static/7014.php vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/210087 mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/209375 mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/3216 vdb-entryx_refsource_BID
    Date Public
    2001-08-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:44:08.063Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "officescan-iuser-read-files(7014)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/7014.php"
              },
              {
                "name": "20010824 [SNS Advisory No.40] TrendMicro OfficeScan Corp Edition ver.3.54 Remote read file of IUSER authority Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/210087"
              },
              {
                "name": "20010822 [SNS Advisory No.38] Trend Micro Virus Buster (Ver.3.5x) Remote",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/209375"
              },
              {
                "name": "3216",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/3216"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-08-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerability in cgiWebupdate.exe in Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.5.2 through 3.5.4 allows remote attackers to read arbitrary files."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2002-03-22T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "officescan-iuser-read-files(7014)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/7014.php"
            },
            {
              "name": "20010824 [SNS Advisory No.40] TrendMicro OfficeScan Corp Edition ver.3.54 Remote read file of IUSER authority Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/210087"
            },
            {
              "name": "20010822 [SNS Advisory No.38] Trend Micro Virus Buster (Ver.3.5x) Remote",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/209375"
            },
            {
              "name": "3216",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/3216"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-1150",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerability in cgiWebupdate.exe in Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.5.2 through 3.5.4 allows remote attackers to read arbitrary files."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "officescan-iuser-read-files(7014)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/7014.php"
                },
                {
                  "name": "20010824 [SNS Advisory No.40] TrendMicro OfficeScan Corp Edition ver.3.54 Remote read file of IUSER authority Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/210087"
                },
                {
                  "name": "20010822 [SNS Advisory No.38] Trend Micro Virus Buster (Ver.3.5x) Remote",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/209375"
                },
                {
                  "name": "3216",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/3216"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-1150",
        "datePublished": "2002-03-15T05:00:00.000Z",
        "dateReserved": "2002-03-15T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:44:08.063Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }