Vulnerabilites related to trend_micro - scanmail
Vulnerability from fkie_nvd
Published
2015-05-14 00:59
Modified
2025-04-12 10:46
Severity ?
Summary
Trend Micro ScanMail for Microsoft Exchange (SMEX) 10.2 before Hot Fix Build 3318 and 11.0 before Hot Fix Build 4180 creates session IDs for the web console using a random number generator with predictable values, which makes it easier for remote attackers to bypass authentication via a brute force attack.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | scanmail | 10.2 | |
| trend_micro | scanmail | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:10.2:*:*:*:*:microsoft_exchange:*:*",
"matchCriteriaId": "81774648-66B6-4531-80AC-44B97AB9F4EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:11.0:*:*:*:*:microsoft_exchange:*:*",
"matchCriteriaId": "3C237907-068E-4ECF-862D-4DF7220C539B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro ScanMail for Microsoft Exchange (SMEX) 10.2 before Hot Fix Build 3318 and 11.0 before Hot Fix Build 4180 creates session IDs for the web console using a random number generator with predictable values, which makes it easier for remote attackers to bypass authentication via a brute force attack."
},
{
"lang": "es",
"value": "Trend Micro ScanMail for Microsoft Exchange (SMEX) 10.2 anterior a Hot Fix Build 3318 y 11.0 anterior a Hot Fix Build 4180 crea identificadores de sesi\u00f3n para la consola web utilizando un generador de n\u00fameros aleatorios con valores previsibles, lo que facilita a atacantes remotos evadir la autenticaci\u00f3n a trav\u00e9s de un ataque de fuerza bruta."
}
],
"evaluatorComment": "\u003ca href=\"https://cwe.mitre.org/data/definitions/330.html\"\u003eCWE-330: Use of Insufficiently Random Values\u003c/a\u003e",
"id": "CVE-2015-3326",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-05-14T00:59:03.647",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blog.malerisch.net/2016/05/trendmicro-smex-session-predictable-cve-2015-3326.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://esupport.trendmicro.com/solution/en-US/1109669.aspx"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/74661"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032323"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blog.malerisch.net/2016/05/trendmicro-smex-session-predictable-cve-2015-3326.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://esupport.trendmicro.com/solution/en-US/1109669.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74661"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032323"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door account in smg_Smxcfg30.exe, which allows remote attackers to gain access to the web management interface via the vcc parameter, possibly "3560121183d3".
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | scanmail | * | |
| trend_micro | scanmail | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:*:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "36DE05EF-199B-4BB9-9EA7-1B30926C0686",
"versionEndIncluding": "3.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:*:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "E5F6A598-BBD4-42FE-B5BB-FB07CE4037F5",
"versionEndIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door account in smg_Smxcfg30.exe, which allows remote attackers to gain access to the web management interface via the vcc parameter, possibly \"3560121183d3\"."
}
],
"id": "CVE-2003-1343",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0021.html"
},
{
"source": "cve@mitre.org",
"url": "http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13352"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/7881"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/6619"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11061"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/7881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/6619"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11061"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-02-08 18:28
Modified
2025-04-09 00:30
Severity ?
Summary
Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:client-server-messaging_suite_smb:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "8C9AAAD5-E973-41CB-B7FD-85D1EA04F6D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:client-server_suite_smb:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "664CD81D-30AD-450B-A9FF-7C0FC61C938A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "068639F9-89E0-4B19-9E24-550087080419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4801FB64-FFC4-4167-9855-69EB8A424EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:as_400:*:*:*:*:*",
"matchCriteriaId": "CEEC709C-CE2F-435D-8595-3B7462F5D58A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:s_390:*:*:*:*:*",
"matchCriteriaId": "416653F7-D8D5-4947-A097-8E1298DD0FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:solaris:*:*:*:*:*",
"matchCriteriaId": "0416D605-20FC-4C87-8009-C240530A1B13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "4FFD939A-C783-4A02-9859-B823A57F8A5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "723E2C95-124F-422F-A241-AECA1D5E0D0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:netware:*:*:*:*:*:*:*",
"matchCriteriaId": "2A63C770-365B-4EAF-AF4B-1B379F943DF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.5:*:hp:*:*:*:*:*",
"matchCriteriaId": "9D2CAA96-4C71-482B-A033-E4AD0814C638",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.5.2:*:windows:*:*:*:*:*",
"matchCriteriaId": "0DEAD496-BB59-464D-9BBA-29158CF65C35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.6:*:linux:*:*:*:*:*",
"matchCriteriaId": "8767F042-4333-404A-B7D7-6830B6959890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.6:*:sun:*:*:*:*:*",
"matchCriteriaId": "C02396DD-CFBF-4019-8AC7-9C41821AF8E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.51:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF73278-A5E9-4975-9C0B-DD9413A33FA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.51_j:*:*:*:*:*:*:*",
"matchCriteriaId": "A7F86817-D352-452E-B80F-1402C8A76372",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:*:*:linux_5.1.1:*:*:*:*:*",
"matchCriteriaId": "0D03DBA4-3F2D-433A-8D17-01B4D7E16EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:3.81:*:*:*:*:*:*:*",
"matchCriteriaId": "4086086F-4F57-4E73-B473-FFF33CD23F6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0F1E2358-2868-4D95-A783-0D7A591A691C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:5.5_build_1183:*:*:*:*:*:*:*",
"matchCriteriaId": "E4587F87-E033-4636-9B61-18D1A7AA54D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:linux:*:*:*:*:*",
"matchCriteriaId": "7E8ADD8C-2E58-4671-BECF-B02A5DE04A1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:solaris:*:*:*:*:*",
"matchCriteriaId": "4CD5D110-5FA3-4F6C-A727-06A73676EC9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "CD824873-B625-4755-ADC9-C6657CD63208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.0.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "E4B9603D-79FE-4E7C-A9F9-E9A24FBBDF3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.0.1:*:unix:*:*:*:*:*",
"matchCriteriaId": "475CED59-77F7-4E6B-8DB6-EFFC7F8D5929",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.1.0:*:linux:*:*:*:*:*",
"matchCriteriaId": "29DA2B3D-D055-4328-8AD3-B5B407B17328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D948171A-3B54-462A-8B2E-2C0266A37E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9D4E2E-889B-4233-8887-9CF00A5023A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F35126E8-F926-4C0B-B37F-AFE78DD2526F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:hp_ux:*:*:*:*:*",
"matchCriteriaId": "106EB780-7455-41F7-ADB0-67C541F6C53F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:solaris:*:*:*:*:*",
"matchCriteriaId": "A9EB55C4-00FB-4D2F-993D-27269F09CF08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "D9AE5039-8467-48C2-8417-E7B18A48F0D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6.0_build_1182:*:*:*:*:*:*:*",
"matchCriteriaId": "DA820000-7608-4E3B-A05D-0C3CFC35227C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6.0_build1166:*:*:*:*:*:*:*",
"matchCriteriaId": "20349641-1EAD-4401-996F-15C131574F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6.5:*:linux:*:*:*:*:*",
"matchCriteriaId": "82425C25-4464-4C69-A7C9-6B7369661E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA147F1-224C-4230-9831-5EB153748793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.7.0_build1190:*:*:*:*:*:*:*",
"matchCriteriaId": "E2417050-7F5A-4702-A6F5-DFEFE96CCD78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.8.0_build1130:*:*:*:*:*:*:*",
"matchCriteriaId": "5B9F63FB-7B5F-49AF-BC84-B3250A08720A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.32:*:*:*:*:*:*:*",
"matchCriteriaId": "2F72A6DE-BA1B-4907-B19D-D71B172BB249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.81:*:linux:*:*:*:*:*",
"matchCriteriaId": "37ECAEF4-8A0D-4B90-8E4A-62BA72DAA702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:5.1:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "25D7EFC1-4053-46E9-9081-3BBAB0300C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:aix:*:*:*:*:*",
"matchCriteriaId": "8B678239-DD77-488C-82FE-27D6FC47B94A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:linux_for_smb:*:*:*:*:*",
"matchCriteriaId": "071EDC78-C902-4D79-8CDF-F5DD30BF7027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:smb:*:*:*:*:*",
"matchCriteriaId": "55C6BD67-FE95-43A7-91F7-608DEC79C24A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "29EDFC0F-687B-4B56-8910-67C6E3907483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:windows_nt_for_smb:*:*:*:*:*",
"matchCriteriaId": "5A694256-BD24-4EED-9833-B15DCA874F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2F81C82F-4997-4D4E-981B-F1601A8AD281",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3120FB-140A-458B-8926-7FE3593331FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B9239FE6-7FE3-4013-8E73-DE648F24EFEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.51:*:*:*:*:*:*:*",
"matchCriteriaId": "12023885-3D72-4CE4-B60F-F91EEE0C9153",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.52:*:*:*:*:*:*:*",
"matchCriteriaId": "0B132F48-3C0D-4DC9-9255-BB2D1CEBF855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.52_build1466:*:*:*:*:*:*:*",
"matchCriteriaId": "772DC29B-9C2C-4446-9352-6707E6B6F08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3079D9E-853D-46D3-92E8-E125CC800DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_scan_engine:7.510.0-1002:*:*:*:*:*:*:*",
"matchCriteriaId": "D5ADC38A-3C58-42B3-9396-0D7B14EA0B59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:*:*:linux:*:*:*:*:*",
"matchCriteriaId": "1DC6D16A-3D1C-4AA6-B039-BFF5BEE64693",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:*:*:linux_1.0.0_ja:*:*:*:*:*",
"matchCriteriaId": "110A575E-761B-4DD7-B4BE-B9AD22C85213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:linux:*:*:*:*:*",
"matchCriteriaId": "1DCB7541-8145-47CA-9F4E-4A600CA454EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:solaris:*:*:*:*:*",
"matchCriteriaId": "DB8B2F17-7C2B-4782-9492-D967A2AD8B3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "D1E65854-8869-41F7-BAFE-B7545FC98BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webmanager:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B1C33920-9BC7-41BC-BB66-723D0BAF2839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webmanager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A73B43D9-A721-4D48-A2D6-48A77355965F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webmanager:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F3645D-2B7D-44ED-83DE-ABF9016CD0D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webprotect:gold:*:isa:*:*:*:*:*",
"matchCriteriaId": "921B617D-F37E-4D10-A627-09F9678790B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:3.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4013BF7E-DE8F-4941-BF15-D17C8C88DB78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:4.5.0:*:microsof_sbs:*:*:*:*:*",
"matchCriteriaId": "11302ED5-C1AB-40D0-B019-A85C43E362D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "38BD1ADE-408F-45D0-BD0B-FBC83ED976F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.0:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "093EED07-F4C1-47B2-9D08-3DE0D57D5CA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.1.1:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "CBA9F2BA-1274-465C-B723-ABB54CA17FE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BE60F5D9-35D0-4D0E-85D1-EE71E533622F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.5:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "6F37307A-7847-4D5A-99D8-8A4BE424CD21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BF74A292-2B1B-43FC-AA82-CFB04D7644E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.11:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "925DA405-9719-452C-8369-D4A60CC916C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "46575AE8-8718-44D8-AF5C-14F7981B3238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.13:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "F893D171-7AB3-4422-BA86-021B0211EE36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.54:*:*:*:*:*:*:*",
"matchCriteriaId": "A79FBAAA-D6B8-4A05-B8E1-D7549207EA5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D6CE3BB4-54BA-48DE-9CFC-C2241D99DA67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F25D89-826B-4FA0-AA8F-CD729F00F9BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE87037-D7CC-480B-BBD2-F1802294D4F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB43A95-60F8-425A-8434-C07EC799DC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "567D7B70-7FE7-4C4F-8D09-C72E28F04FF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "78CDE85D-4C4B-42D0-BF64-11E880168A83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBAA86F-8DE4-4BC8-B295-89CF981C28D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2000:*:*:*:*:*:*:*",
"matchCriteriaId": "9994E64C-0E8C-4A9C-A321-6A73A16E33AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2002:*:*:*:*:*:*:*",
"matchCriteriaId": "A65282E0-2332-4CAA-9BA9-3794C2CDE960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "E56D571B-649D-41E2-A502-6C1EBAB73F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "E455A061-A34B-4AB7-88C7-222DB08BED08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "6EB1055E-31AA-44DE-A74C-8678A0C268C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin_internet_security:14_14.00.1485:*:*:*:*:*:*:*",
"matchCriteriaId": "408D7C07-D6CF-4722-AB74-70DE7C114FC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin_internet_security:2005_12.0.0_0_build_1244:*:*:*:*:*:*:*",
"matchCriteriaId": "26DA917A-B842-40E7-B3A1-8546ADBB401C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin_internet_security:2006_14.10.0.1023:*:*:*:*:*:*:*",
"matchCriteriaId": "83C3D9AE-690A-4ACE-B6A2-E83F1B7C5507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "F945B425-D79F-4B5F-A588-5DCDCFB87B06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc_cillin_-_internet_security_2006:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D237983-725B-43B5-B733-D25397A846C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:portalprotect:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C991F564-93D1-4E63-8B71-B0C9CD9BECA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:portalprotect:1.2:*:sharepoint:*:*:*:*:*",
"matchCriteriaId": "1F34805C-1602-45F7-8C03-D585D2F44594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "71DAD29C-23D7-45C0-8B1B-AD9CD260EAE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:2.6:*:domino:*:*:*:*:*",
"matchCriteriaId": "195D657C-4A4B-4832-B1A6-056FB990401E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:2.51:*:domino:*:*:*:*:*",
"matchCriteriaId": "929BCF43-AC3A-43D0-8819-7673996D216D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:3.8:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "3BFF861D-F544-4902-A958-BE566FB85738",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:3.81:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "3B282BE2-8116-48A7-B6D6-544983FF72C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:6.1:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "C81AFD13-0883-48F5-BD6B-707CFFE07262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_aix:*:*:*:*:*",
"matchCriteriaId": "B4963C96-FA13-4E54-8EE3-8E169CACBF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_as_400:*:*:*:*:*",
"matchCriteriaId": "C3E0300A-27F7-47C1-B725-55FF0BE92FF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_s_390:*:*:*:*:*",
"matchCriteriaId": "FF365F03-F95C-4047-BBA4-42EBD02E823B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_solaris:*:*:*:*:*",
"matchCriteriaId": "A2042D38-CF77-4149-9289-B3380F59D794",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_windows:*:*:*:*:*",
"matchCriteriaId": "D275C0DB-E942-4EB9-B6AA-3112C1A697DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail_emanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4CE79B6-B9E8-4775-B7BF-90C2758EECE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanning_engine:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB5BDA1-06D4-49B9-99CD-F8B67A5EB895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "38695C1D-DC51-45EB-9EEB-6E04490AFE6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7ACC41-E475-4770-B446-4B41EE008A26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "BE7E0AA8-220E-4E20-9FF0-95C22664AFA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:windows:*:*:*:*:*",
"matchCriteriaId": "5E2F6774-B29F-47E6-8E50-8CF4D9AB3EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:linux:*:*:*:*:*:*:*",
"matchCriteriaId": "7EB7A187-75F5-41B5-A6A9-2C28AC5F0F98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:linux_1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42A4608B-A7E7-4217-8F88-C12E9DEC9C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:novell_netware:*:*:*:*:*:*:*",
"matchCriteriaId": "2C1B8E24-4A28-4110-8DF4-72A5D19FAEAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:windows:*:*:*:*:*:*:*",
"matchCriteriaId": "7B0BE038-C7F1-45FE-BE54-3D4245B3F060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:viruswall:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1ABCB699-614A-45A5-B906-7650BB32EA29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:web_security_suite:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96D764CC-3574-4D95-8EA2-2C02F36EF133",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:webprotect:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "21F178A5-CEAF-407F-BDE1-2328A4B959A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en Trend Micro Scan Engine versiones 8.000 y 8.300 anteriores al archivo de patrones de virus versi\u00f3n 4.245.00, tal y como es usado en otros productos como Cyber Clean Center (CCC) Cleaner, permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un ejecutable comprimido UPX malformado."
}
],
"evaluatorImpact": "Failed exploit attempts will likely cause a denial-of-service condition.",
"id": "CVE-2007-0851",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-02-08T18:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289"
},
{
"source": "cve@mitre.org",
"url": "http://jvn.jp/jp/JVN%2377366274/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/33038"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24087"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24128"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1017601"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017602"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017603"
},
{
"source": "cve@mitre.org",
"url": "http://www.jpcert.or.jp/at/2007/at070004.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/276432"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/22449"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0522"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0569"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/jp/JVN%2377366274/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/33038"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24128"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1017601"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017603"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.jpcert.or.jp/at/2007/at070004.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/276432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/22449"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0522"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0569"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32352"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:client-server-messaging_suite_smb:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "8C9AAAD5-E973-41CB-B7FD-85D1EA04F6D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:client-server_suite_smb:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "664CD81D-30AD-450B-A9FF-7C0FC61C938A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:as_400:*:*:*:*:*",
"matchCriteriaId": "CEEC709C-CE2F-435D-8595-3B7462F5D58A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:s_390:*:*:*:*:*",
"matchCriteriaId": "416653F7-D8D5-4947-A097-8E1298DD0FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:solaris:*:*:*:*:*",
"matchCriteriaId": "0416D605-20FC-4C87-8009-C240530A1B13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "4FFD939A-C783-4A02-9859-B823A57F8A5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "723E2C95-124F-422F-A241-AECA1D5E0D0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:netware:*:*:*:*:*:*:*",
"matchCriteriaId": "2A63C770-365B-4EAF-AF4B-1B379F943DF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.5:*:hp:*:*:*:*:*",
"matchCriteriaId": "9D2CAA96-4C71-482B-A033-E4AD0814C638",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.5.2:*:windows:*:*:*:*:*",
"matchCriteriaId": "0DEAD496-BB59-464D-9BBA-29158CF65C35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.6:*:linux:*:*:*:*:*",
"matchCriteriaId": "8767F042-4333-404A-B7D7-6830B6959890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.6:*:sun:*:*:*:*:*",
"matchCriteriaId": "C02396DD-CFBF-4019-8AC7-9C41821AF8E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.51:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF73278-A5E9-4975-9C0B-DD9413A33FA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.51_j:*:*:*:*:*:*:*",
"matchCriteriaId": "A7F86817-D352-452E-B80F-1402C8A76372",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:3.81:*:*:*:*:*:*:*",
"matchCriteriaId": "4086086F-4F57-4E73-B473-FFF33CD23F6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0F1E2358-2868-4D95-A783-0D7A591A691C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:linux:*:*:*:*:*",
"matchCriteriaId": "7E8ADD8C-2E58-4671-BECF-B02A5DE04A1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:solaris:*:*:*:*:*",
"matchCriteriaId": "4CD5D110-5FA3-4F6C-A727-06A73676EC9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "CD824873-B625-4755-ADC9-C6657CD63208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.0.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "E4B9603D-79FE-4E7C-A9F9-E9A24FBBDF3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.0.1:*:unix:*:*:*:*:*",
"matchCriteriaId": "475CED59-77F7-4E6B-8DB6-EFFC7F8D5929",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.4:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "75734296-9435-4A96-B30C-572BF1BBAD14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.5:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "61C0968D-D8F1-450C-B4E9-94535B4CF637",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:hp_ux:*:*:*:*:*",
"matchCriteriaId": "106EB780-7455-41F7-ADB0-67C541F6C53F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:solaris:*:*:*:*:*",
"matchCriteriaId": "A9EB55C4-00FB-4D2F-993D-27269F09CF08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:unix:*:*:*:*:*",
"matchCriteriaId": "1D8580C2-B757-4C4C-A9B6-960905101E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "D9AE5039-8467-48C2-8417-E7B18A48F0D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6.5:*:linux:*:*:*:*:*",
"matchCriteriaId": "82425C25-4464-4C69-A7C9-6B7369661E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.51:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "15B05F1A-7AA1-46E5-947B-C422F9618F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.52:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "EB4F32FC-8391-4B3B-AA42-07E392053A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.52_build1466:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "1BF5CF24-83B8-4AC3-A849-C56979CB38DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:5.1:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "25D7EFC1-4053-46E9-9081-3BBAB0300C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:aix:*:*:*:*:*",
"matchCriteriaId": "8B678239-DD77-488C-82FE-27D6FC47B94A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:linux_for_smb:*:*:*:*:*",
"matchCriteriaId": "071EDC78-C902-4D79-8CDF-F5DD30BF7027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:smb:*:*:*:*:*",
"matchCriteriaId": "55C6BD67-FE95-43A7-91F7-608DEC79C24A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "29EDFC0F-687B-4B56-8910-67C6E3907483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:windows_nt_for_smb:*:*:*:*:*",
"matchCriteriaId": "5A694256-BD24-4EED-9833-B15DCA874F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:linux:*:*:*:*:*",
"matchCriteriaId": "1DCB7541-8145-47CA-9F4E-4A600CA454EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:solaris:*:*:*:*:*",
"matchCriteriaId": "DB8B2F17-7C2B-4782-9492-D967A2AD8B3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "D1E65854-8869-41F7-BAFE-B7545FC98BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webmanager:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B1C33920-9BC7-41BC-BB66-723D0BAF2839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webmanager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A73B43D9-A721-4D48-A2D6-48A77355965F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webmanager:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F3645D-2B7D-44ED-83DE-ABF9016CD0D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webprotect:gold:*:isa:*:*:*:*:*",
"matchCriteriaId": "921B617D-F37E-4D10-A627-09F9678790B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:3.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4013BF7E-DE8F-4941-BF15-D17C8C88DB78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.0:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "093EED07-F4C1-47B2-9D08-3DE0D57D5CA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.1.1:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "CBA9F2BA-1274-465C-B723-ABB54CA17FE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BE60F5D9-35D0-4D0E-85D1-EE71E533622F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.5:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "6F37307A-7847-4D5A-99D8-8A4BE424CD21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BF74A292-2B1B-43FC-AA82-CFB04D7644E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.11:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "925DA405-9719-452C-8369-D4A60CC916C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "46575AE8-8718-44D8-AF5C-14F7981B3238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.13:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "F893D171-7AB3-4422-BA86-021B0211EE36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.54:*:*:*:*:*:*:*",
"matchCriteriaId": "A79FBAAA-D6B8-4A05-B8E1-D7549207EA5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D6CE3BB4-54BA-48DE-9CFC-C2241D99DA67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F25D89-826B-4FA0-AA8F-CD729F00F9BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE87037-D7CC-480B-BBD2-F1802294D4F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB43A95-60F8-425A-8434-C07EC799DC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBAA86F-8DE4-4BC8-B295-89CF981C28D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2000:*:*:*:*:*:*:*",
"matchCriteriaId": "9994E64C-0E8C-4A9C-A321-6A73A16E33AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2002:*:*:*:*:*:*:*",
"matchCriteriaId": "A65282E0-2332-4CAA-9BA9-3794C2CDE960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "E56D571B-649D-41E2-A502-6C1EBAB73F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:portalprotect:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C991F564-93D1-4E63-8B71-B0C9CD9BECA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:2.6:*:domino:*:*:*:*:*",
"matchCriteriaId": "195D657C-4A4B-4832-B1A6-056FB990401E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:2.51:*:domino:*:*:*:*:*",
"matchCriteriaId": "929BCF43-AC3A-43D0-8819-7673996D216D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:3.8:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "3BFF861D-F544-4902-A958-BE566FB85738",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:3.81:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "3B282BE2-8116-48A7-B6D6-544983FF72C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:6.1:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "C81AFD13-0883-48F5-BD6B-707CFFE07262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_aix:*:*:*:*:*",
"matchCriteriaId": "B4963C96-FA13-4E54-8EE3-8E169CACBF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_as_400:*:*:*:*:*",
"matchCriteriaId": "C3E0300A-27F7-47C1-B725-55FF0BE92FF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_s_390:*:*:*:*:*",
"matchCriteriaId": "FF365F03-F95C-4047-BBA4-42EBD02E823B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_solaris:*:*:*:*:*",
"matchCriteriaId": "A2042D38-CF77-4149-9289-B3380F59D794",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_windows:*:*:*:*:*",
"matchCriteriaId": "D275C0DB-E942-4EB9-B6AA-3112C1A697DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail_emanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4CE79B6-B9E8-4775-B7BF-90C2758EECE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:1.3:*:linux:*:*:*:*:*",
"matchCriteriaId": "FB28FE16-F163-4287-9A4E-843C2E67792E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:1.25_2007-02-16:*:linux:*:*:*:*:*",
"matchCriteriaId": "6E8704FA-AA3C-4664-A5AA-50F60AE77642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:2.5:*:linux:*:*:*:*:*",
"matchCriteriaId": "BEDB64E2-6157-47C1-842E-26A40A885ECD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "38695C1D-DC51-45EB-9EEB-6E04490AFE6F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure."
}
],
"id": "CVE-2005-0533",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14396"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1013289"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1013290"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/12643"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://xforce.iss.net/xforce/alerts/id/189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1013289"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1013290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/12643"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://xforce.iss.net/xforce/alerts/id/189"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2015-3326 (GCVE-0-2015-3326)
Vulnerability from cvelistv5
Published
2015-05-14 00:00
Modified
2024-08-06 05:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Trend Micro ScanMail for Microsoft Exchange (SMEX) 10.2 before Hot Fix Build 3318 and 11.0 before Hot Fix Build 4180 creates session IDs for the web console using a random number generator with predictable values, which makes it easier for remote attackers to bypass authentication via a brute force attack.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:47:56.319Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://esupport.trendmicro.com/solution/en-US/1109669.aspx"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.malerisch.net/2016/05/trendmicro-smex-session-predictable-cve-2015-3326.html"
},
{
"name": "74661",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74661"
},
{
"name": "1032323",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032323"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Trend Micro ScanMail for Microsoft Exchange (SMEX) 10.2 before Hot Fix Build 3318 and 11.0 before Hot Fix Build 4180 creates session IDs for the web console using a random number generator with predictable values, which makes it easier for remote attackers to bypass authentication via a brute force attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://esupport.trendmicro.com/solution/en-US/1109669.aspx"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.malerisch.net/2016/05/trendmicro-smex-session-predictable-cve-2015-3326.html"
},
{
"name": "74661",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74661"
},
{
"name": "1032323",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032323"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3326",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro ScanMail for Microsoft Exchange (SMEX) 10.2 before Hot Fix Build 3318 and 11.0 before Hot Fix Build 4180 creates session IDs for the web console using a random number generator with predictable values, which makes it easier for remote attackers to bypass authentication via a brute force attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://esupport.trendmicro.com/solution/en-US/1109669.aspx",
"refsource": "CONFIRM",
"url": "http://esupport.trendmicro.com/solution/en-US/1109669.aspx"
},
{
"name": "http://blog.malerisch.net/2016/05/trendmicro-smex-session-predictable-cve-2015-3326.html",
"refsource": "MISC",
"url": "http://blog.malerisch.net/2016/05/trendmicro-smex-session-predictable-cve-2015-3326.html"
},
{
"name": "74661",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74661"
},
{
"name": "1032323",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032323"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-3326",
"datePublished": "2015-05-14T00:00:00",
"dateReserved": "2015-04-16T00:00:00",
"dateUpdated": "2024-08-06T05:47:56.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1343 (GCVE-0-2003-1343)
Vulnerability from cvelistv5
Published
2007-10-14 19:00
Modified
2024-08-08 02:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door account in smg_Smxcfg30.exe, which allows remote attackers to gain access to the web management interface via the vcc parameter, possibly "3560121183d3".
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:02.296Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "7881",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/7881"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13352"
},
{
"name": "scanmail-smgsmxcfg30-password-bypass(11061)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11061"
},
{
"name": "6619",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6619"
},
{
"name": "20030114 RE: [VulnWatch] Assorted Trend Vulns Rev 2.0",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-01-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door account in smg_Smxcfg30.exe, which allows remote attackers to gain access to the web management interface via the vcc parameter, possibly \"3560121183d3\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "7881",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/7881"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13352"
},
{
"name": "scanmail-smgsmxcfg30-password-bypass(11061)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11061"
},
{
"name": "6619",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6619"
},
{
"name": "20030114 RE: [VulnWatch] Assorted Trend Vulns Rev 2.0",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0021.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1343",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door account in smg_Smxcfg30.exe, which allows remote attackers to gain access to the web management interface via the vcc parameter, possibly \"3560121183d3\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7881",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/7881"
},
{
"name": "http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13352",
"refsource": "CONFIRM",
"url": "http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13352"
},
{
"name": "scanmail-smgsmxcfg30-password-bypass(11061)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11061"
},
{
"name": "6619",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6619"
},
{
"name": "20030114 RE: [VulnWatch] Assorted Trend Vulns Rev 2.0",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0021.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1343",
"datePublished": "2007-10-14T19:00:00",
"dateReserved": "2007-10-14T00:00:00",
"dateUpdated": "2024-08-08T02:28:02.296Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0851 (GCVE-0-2007-0851)
Vulnerability from cvelistv5
Published
2007-02-08 18:00
Modified
2024-08-07 12:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.122Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017601",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017601"
},
{
"name": "22449",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22449"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289"
},
{
"name": "1017603",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017603"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.jpcert.or.jp/at/2007/at070004.txt"
},
{
"name": "24087",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24087"
},
{
"name": "33038",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33038"
},
{
"name": "ADV-2007-0522",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0522"
},
{
"name": "JVN#77366274",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2377366274/index.html"
},
{
"name": "VU#276432",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/276432"
},
{
"name": "20070208 Trend Micro AntiVirus UPX Parsing Kernel Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470"
},
{
"name": "antivirus-upx-bo(32352)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32352"
},
{
"name": "ADV-2007-0569",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0569"
},
{
"name": "1017602",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017602"
},
{
"name": "24128",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24128"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017601",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017601"
},
{
"name": "22449",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22449"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289"
},
{
"name": "1017603",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017603"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.jpcert.or.jp/at/2007/at070004.txt"
},
{
"name": "24087",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24087"
},
{
"name": "33038",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33038"
},
{
"name": "ADV-2007-0522",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0522"
},
{
"name": "JVN#77366274",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2377366274/index.html"
},
{
"name": "VU#276432",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/276432"
},
{
"name": "20070208 Trend Micro AntiVirus UPX Parsing Kernel Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470"
},
{
"name": "antivirus-upx-bo(32352)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32352"
},
{
"name": "ADV-2007-0569",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0569"
},
{
"name": "1017602",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017602"
},
{
"name": "24128",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24128"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0851",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017601",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017601"
},
{
"name": "22449",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22449"
},
{
"name": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289",
"refsource": "CONFIRM",
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289"
},
{
"name": "1017603",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017603"
},
{
"name": "http://www.jpcert.or.jp/at/2007/at070004.txt",
"refsource": "MISC",
"url": "http://www.jpcert.or.jp/at/2007/at070004.txt"
},
{
"name": "24087",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24087"
},
{
"name": "33038",
"refsource": "OSVDB",
"url": "http://osvdb.org/33038"
},
{
"name": "ADV-2007-0522",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0522"
},
{
"name": "JVN#77366274",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2377366274/index.html"
},
{
"name": "VU#276432",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/276432"
},
{
"name": "20070208 Trend Micro AntiVirus UPX Parsing Kernel Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470"
},
{
"name": "antivirus-upx-bo(32352)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32352"
},
{
"name": "ADV-2007-0569",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0569"
},
{
"name": "1017602",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017602"
},
{
"name": "24128",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24128"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0851",
"datePublished": "2007-02-08T18:00:00",
"dateReserved": "2007-02-08T00:00:00",
"dateUpdated": "2024-08-07T12:34:21.122Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0533 (GCVE-0-2005-0533)
Vulnerability from cvelistv5
Published
2005-02-24 05:00
Modified
2024-08-07 21:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:13:54.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution"
},
{
"name": "1013290",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013290"
},
{
"name": "1013289",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013289"
},
{
"name": "20050224 Trend Micro AntiVirus Library Heap Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://xforce.iss.net/xforce/alerts/id/189"
},
{
"name": "14396",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14396"
},
{
"name": "12643",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12643"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-02-28T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution"
},
{
"name": "1013290",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013290"
},
{
"name": "1013289",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013289"
},
{
"name": "20050224 Trend Micro AntiVirus Library Heap Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://xforce.iss.net/xforce/alerts/id/189"
},
{
"name": "14396",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14396"
},
{
"name": "12643",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12643"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0533",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution"
},
{
"name": "1013290",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013290"
},
{
"name": "1013289",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013289"
},
{
"name": "20050224 Trend Micro AntiVirus Library Heap Overflow",
"refsource": "ISS",
"url": "http://xforce.iss.net/xforce/alerts/id/189"
},
{
"name": "14396",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14396"
},
{
"name": "12643",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12643"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0533",
"datePublished": "2005-02-24T05:00:00",
"dateReserved": "2005-02-24T00:00:00",
"dateUpdated": "2024-08-07T21:13:54.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}