Trendmicro Officescan
13 CVEs affecting Trendmicro Officescan. Latest disclosed: 2017-10-06. Critical: 3, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-14089 | Critical | 9.8 | 2017-10-06 | An Unauthorized Memory Corruption vulnerability in Trend Micro OfficeScan 11.0 and XG may allow remote unauthenticated users who can access the OfficeScan serv… |
CVE-2017-11394 | Critical | 9.8 | 2017-08-03 | Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable installations. T… |
CVE-2017-11393 | Critical | 9.8 | 2017-08-03 | Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable installations. T… |
CVE-2017-5481 | High | 8.8 | 2017-05-03 | Trend Micro OfficeScan 11.0 before SP1 CP 6325 and XG before CP 1352 allows remote authenticated users to gain privileges by leveraging a leak of an encrypted… |
CVE-2017-14084 | High | 8.1 | 2017-10-06 | A potential Man-in-the-Middle (MitM) attack vulnerability in Trend Micro OfficeScan 11.0 and XG may allow attackers to execute arbitrary code on vulnerable ins… |
CVE-2017-14087 | High | 7.5 | 2017-10-06 | A Host Header Injection vulnerability in Trend Micro OfficeScan XG (12.0) may allow an attacker to spoof a particular Host header, allowing the attacker to ren… |
CVE-2017-14086 | High | 7.5 | 2017-10-06 | Pre-authorization Start Remote Process vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan serv… |
CVE-2017-14083 | High | 7.5 | 2017-10-06 | A vulnerability in Trend Micro OfficeScan 11.0 and XG allows remote unauthenticated users who can access the system to download the OfficeScan encryption file. |
CVE-2017-14088 | High | 7.0 | 2017-10-06 | Memory Corruption Privilege Escalation vulnerabilities in Trend Micro OfficeScan 11.0 and XG allows local attackers to execute arbitrary code and escalate priv… |
CVE-2017-8801 | Medium | 6.1 | 2017-05-05 | Trend Micro OfficeScan 11.0 before SP1 CP 6325 (with Agent Module Build before 6152) and XG before CP 1352 has XSS via a crafted URI using a blocked website. |
CVE-2017-14085 | Medium | 5.3 | 2017-10-06 | Information disclosure vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to query the… |
CVE-2016-1223 | Medium | 5.3 | 2016-06-19 | Directory traversal vulnerability in Trend Micro Office Scan 11.0, Worry-Free Business Security Service 5.x, and Worry-Free Business Security 9.0 allows remote… |
CVE-2010-0564 | | 2010-02-10 | Buffer overflow in Trend Micro URL Filtering Engine (TMUFE) in OfficeScan 8.0 before SP1 Patch 5 - Build 3510, possibly tmufeng.dll before 3.0.0.1029, allows a… |