Trend Micro Serverprotect vulnerabilities

CVE-2006-6458 [HIGH] CVE-2006-6458: The Trend Micro scan engine before 8.320 for Windows and before 8.150 on HP-UX and AIX, as used in T The Trend Micro scan engine before 8.320 for Windows and before 8.150 on HP-UX and AIX, as used in Trend Micro PC Cillin - Internet Security 2006, Office Scan 7.3, and Server Protect 5.58, allows remote attackers to cause a denial of service (CPU consumption and system hang) via a malformed RAR archive with an Archive Header section with the head_size and pack_

CVE-2006-0642 [MEDIUM] CVE-2006-0642: Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Se Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a default configuration setting of "Do not scan compressed files when Extracted file count exceeds 500 files," which may be too low in certain circumstances, which allows remote attackers to bypass anti-virus checks by sending compressed arch

CVE-2005-1929 [HIGH] CWE-119 CVE-2005-1929: Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro Serve Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via "wrapped" length values in Chunked transfer requests. NOTE: the original report sugges

CVE-2005-1930 [MEDIUM] CVE-2005-1930: Directory traversal vulnerability in the Crystal Report component (rptserver.asp) in Trend Micro Ser Directory traversal vulnerability in the Crystal Report component (rptserver.asp) in Trend Micro ServerProtect Management Console 5.58, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, and possibly earlier versions, allows remote attackers to read arbitrary files via the IMAGE parameter.

CVE-2005-0533 [HIGH] CVE-2005-0533: Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure.