Vulnerability Description
Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to delete files via a modified filename parameter in a certain HTTP request that invokes the OfficeScan CGI program.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Trend Micro | Officescan | 6.0 |
References
- http://secunia.com/advisories/22156Vendor Advisory
- http://www.securityfocus.com/bid/20330
- http://www.trendmicro.com/download/product.asp?productid=5Patch
- http://www.trendmicro.com/ftp/documentation/readme/csm_2.0_osce_6.0_win_en_securVendor Advisory
- http://www.trendmicro.com/ftp/documentation/readme/osce_6.5_win_en_securitypatchVendor Advisory
- http://www.trendmicro.com/ftp/documentation/readme/osce_7.3_win_en_securitypatchVendor Advisory
- http://www.trendmicro.com/ftp/documentation/readme/osce_70_win_en_securitypatch_Vendor Advisory
- http://www.vupen.com/english/advisories/2006/3882
- http://secunia.com/advisories/22156Vendor Advisory
- http://www.securityfocus.com/bid/20330
- http://www.trendmicro.com/download/product.asp?productid=5Patch
- http://www.trendmicro.com/ftp/documentation/readme/csm_2.0_osce_6.0_win_en_securVendor Advisory
- http://www.trendmicro.com/ftp/documentation/readme/osce_6.5_win_en_securitypatchVendor Advisory
- http://www.trendmicro.com/ftp/documentation/readme/osce_7.3_win_en_securitypatchVendor Advisory
- http://www.trendmicro.com/ftp/documentation/readme/osce_70_win_en_securitypatch_Vendor Advisory
FAQ
What is CVE-2006-5212?
CVE-2006-5212 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7....
How severe is CVE-2006-5212?
CVE-2006-5212 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-5212?
Check the references section above for vendor advisories and patch information. Affected products include: Trend Micro Officescan.