Product:

Officescan

(Trendmicro)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 71
Date Id Summary Products Score Patch Annotated
2021-04-13 CVE-2021-25250 An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a sensitive file could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Apex_one, Officescan 7.8
2021-04-13 CVE-2021-25253 An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a resource used by the service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Apex_one, Officescan 7.8
2021-04-13 CVE-2021-28645 An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Apex_one, Officescan 7.8
2021-04-13 CVE-2021-28646 An insecure file permissions vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to take control of a specific log file on affected installations. Apex_one, Officescan 5.5
2021-08-04 CVE-2021-32464 An incorrect permission assignment privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security Services could allow an attacker to modify a specific script before it is executed. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Apex_one, Officescan 7.8
2021-08-04 CVE-2021-32465 An incorrect permission preservation vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a remote user to perform an attack and bypass authentication on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Apex_one, Officescan 8.8
2008-08-27 CVE-2008-2433 The web management console in Trend Micro OfficeScan 7.0 through 8.0, Worry-Free Business Security 5.0, and Client/Server/Messaging Suite 3.5 and 3.6 creates a random session token based only on the login time, which makes it easier for remote attackers to hijack sessions via brute-force attacks. NOTE: this can be leveraged for code execution through an unspecified "manipulation of the configuration." Client_server_messaging_suite, Officescan, Worry\-Free_business_security 9.8
2019-04-05 CVE-2019-9489 A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (versions XG and 11.0), and Worry-Free Business Security (versions 10.0, 9.5 and 9.0) could allow an attacker to modify arbitrary files on the affected product's management console. Apex_one, Apex_one_as_a_service, Business_security, Officescan, Worry\-Free_business_security 7.5
2018-02-16 CVE-2018-6218 A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system. Deep_security, Endpoint_sensor, Officescan, Security, Worry\-Free_business_security 7.0
2016-06-19 CVE-2016-1223 Directory traversal vulnerability in Trend Micro Office Scan 11.0, Worry-Free Business Security Service 5.x, and Worry-Free Business Security 9.0 allows remote attackers to read arbitrary files via unspecified vectors. Officescan, Worry\-Free_business_security, Worry\-Free_business_security_services 5.3