Vulnerabilities (CVE)

Filtered by vendor Trend Micro Subscribe
Filtered by product Internet Security 2007
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-3866 1 Trend Micro 3 Internet Security 2007, Internet Security 2008, Officescan 2024-11-21 4.6 MEDIUM N/A
The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, relies on client-side password protection implemented in the configuration GUI, which allows local users to bypass intended access restrictions and change firewall settings by using a modified client to send crafted packets.
CVE-2008-3865 1 Trend Micro 3 Internet Security 2007, Internet Security 2008, Officescan 2024-11-21 10.0 HIGH N/A
Multiple heap-based buffer overflows in the ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allow remote attackers to execute arbitrary code via a packet with a small value in an unspecified size field.
CVE-2008-3864 1 Trend Micro 3 Internet Security 2007, Internet Security 2008, Officescan 2024-11-21 5.0 MEDIUM N/A
The ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allows remote attackers to cause a denial of service (service crash) via a packet with a large value in an unspecified size field.