PT-2004-2902 · Trend Micro · Trend Micro Officescan

Matt

Published

2004-05-07

Updated

2017-07-11

CVE-2004-2006

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Trend Micro OfficeScan versions 3.0 through 6.0

Description The issue allows local users to disable virus protection due to default permissions of "Everyone Full Control" on the installation directory and registry keys.

Recommendations For Trend Micro OfficeScan versions 3.0 through 6.0, consider changing the default permissions on the installation directory and registry keys to prevent local users from modifying them, thereby protecting virus protection settings.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-2006

Affected Products

Trend Micro Officescan

PT-2004-2902 · Trend Micro · Trend Micro Officescan

CVE-2004-2006

Related Identifiers

Affected Products

References · 7