RSS   Vulnerabilities for 'Worry free business security'   RSS

2008-10-03
 
CVE-2008-2439

CWE-22
 

 
Directory traversal vulnerability in the UpdateAgent function in TmListen.exe in the OfficeScanNT Listener service in the client in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1372, OfficeScan 8.0 SP1 before build 1222, OfficeScan 8.0 SP1 Patch 1 before build 3087, and Worry-Free Business Security 5.0 before build 1220 allows remote attackers to read arbitrary files via directory traversal sequences in an HTTP request. NOTE: some of these details are obtained from third party information.

 
2008-08-27
 
CVE-2008-2433

CWE-287
 

 
The web management console in Trend Micro OfficeScan 7.0 through 8.0, Worry-Free Business Security 5.0, and Client/Server/Messaging Suite 3.5 and 3.6 creates a random session token based only on the login time, which makes it easier for remote attackers to hijack sessions via brute-force attacks. NOTE: this can be leveraged for code execution through an unspecified "manipulation of the configuration."

 

 >>> Vendor: Trend micro 67 Products
Interscan viruswall
Pc-cillin
Officescan
Virus buster 2001
Scanmail exchange
Interscan webmanager
Virus control system
Interscan emanager
Interscan applettrap
Virus buster
Interscan viruswall for windows nt
Damage cleanup server
Housecall
Scanmail
Scanmail domino
Control manager
Client-server-messaging suite smb
Client-server suite smb
Interscan messaging security suite
Interscan web security suite
Interscan webprotect
Portalprotect
Scanmail emanager
Serverprotect
Serverprotect earthagent
Antispyware
Pc-cillin 2005
Pc-cillin 2006
Scan engine
Officescan corporate edition
Pc cillin - internet security 2006
Client-server-messaging security
Viruswall
Interscan viruswall scan engine
Pc-cillin internet security
Scanning engine
Web security suite
Webprotect
Damage cleanup services
Tmcomm.sys
Trend micro antirootkit common module
Trend micro antispyware
Trend micro antivirus
Vsapini.sys
Pc-cillin internet security 2007
Trend micro antivirus plus antispyware
Trend micro internet security virus bust
Trend micro internet security pro
Client server messaging suite
Worry free business security
Internet security 2007
Internet security 2008
Interscan web security virtual appliance
Mobile security
Interscan messaging security virtual appliance
Deep discovery inspector
Password manager
Email encryption gateway
Business security
Business security services
Office scan
Virtual mobile infrastructure
Smart protection server
Endpoint sensor
Deep security
Security
Worry-free business security


Copyright 2024, cxsecurity.com

 

Back to Top