Unauthenticated Remote Access to Sensitive Information in Trend Micro OfficeScan Corporate Edition
CVE-2001-1151 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 allows remote attackers to access sensitive information from the hotdownload directory without authentication, such as the ofcscan.ini configuration file, which contains a weakly encrypted password.
Learn more about our Cis Benchmark Audit For Microsoft Office.