Filtered by vendor Trend Micro Subscriptions
Filtered by product Serverprotect Subscriptions
Total 25 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2006-5268 1 Trend Micro 1 Serverprotect 2024-11-21 N/A
Unspecified vulnerability in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via vectors related to obtaining "administrative access to the RPC interface."
CVE-2006-0642 1 Trend Micro 3 Interscan Messaging Security Suite, Interscan Web Security Suite, Serverprotect 2024-11-21 N/A
Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a default configuration setting of "Do not scan compressed files when Extracted file count exceeds 500 files," which may be too low in certain circumstances, which allows remote attackers to bypass anti-virus checks by sending compressed archives containing many small files. NOTE: since this is related to a configuration setting that has an operational impact that might vary depending on the environment, and the product is claimed to report a message when the compressed file exceeds specified limits, perhaps this should not be included in CVE.
CVE-2005-1930 1 Trend Micro 1 Serverprotect 2024-11-21 N/A
Directory traversal vulnerability in the Crystal Report component (rptserver.asp) in Trend Micro ServerProtect Management Console 5.58, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, and possibly earlier versions, allows remote attackers to read arbitrary files via the IMAGE parameter.
CVE-2005-1929 1 Trend Micro 1 Serverprotect 2024-11-21 N/A
Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via "wrapped" length values in Chunked transfer requests. NOTE: the original report suggests that the relay.dll issue is related to a problem in which a Microsoft Foundation Classes (MFC) static library returns invalid values under heavy load. As such, this might not be a vulnerability in Trend Micro's product.
CVE-2005-0533 1 Trend Micro 15 Client-server-messaging Suite Smb, Client-server Suite Smb, Control Manager and 12 more 2024-11-21 N/A
Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure.