CVE-2004-2430 — Micro Officescan vulnerability

3 documents3 sources

Severity

7.2HIGHNVD

EPSS

0.1%

top 70.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Trend Micro Officescan

Timeline

PublishedDec 31

Latest updateApr 29

Description

Trend OfficeScan Corporate Edition 5.58 and possibly earler does not drop privileges when opening a help window from a virus detection pop-up window, which allows local users to gain SYSTEM privileges.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDtrend_micro/officescan8 versions+7

Patches

Patch: secunia.com ↗Patch: uk.trendmicro-europe.com ↗Patch: www.osvdb.org ↗

🔴Vulnerability Details

GHSA

GHSA-75wm-fxcm-grpj: Trend OfficeScan Corporate Edition 5↗2022-04-29

▶

CVEList

CVE-2004-2430: Trend OfficeScan Corporate Edition 5↗2005-08-18

▶