Unauthenticated Remote Access to Sensitive Information in Trend Micro OfficeScan Corporate Edition

Unauthenticated Remote Access to Sensitive Information in Trend Micro OfficeScan Corporate Edition

CVE-2001-1151 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 allows remote attackers to access sensitive information from the hotdownload directory without authentication, such as the ofcscan.ini configuration file, which contains a weakly encrypted password.

Learn more about our Cis Benchmark Audit For Microsoft Office.