This page lists publicly disclosed CVE vulnerabilities affecting trend_micro scanmail (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2015-3326 | Trend Micro ScanMail for Microsoft Exchange (SMEX) 10.2 before Hot Fix Build 3318 and 11.0 before Hot Fix Build 4180 creates session IDs for the web console using a random number generator with predictable values, which makes it easier for remote attackers to bypass authentication via a brute force attack. | [email protected] | 5.0 | 2.30% | 2015-05-14 | 2026-05-06 |
| CVE-2007-0851 | Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable. | [email protected] | 9.3 | 8.30% | 2007-02-08 | 2026-04-23 |
| CVE-2005-0533 | Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure. | [email protected] | 7.5 | 4.41% | 2005-05-02 | 2026-04-16 |
| CVE-2003-1343 | Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door account in smg_Smxcfg30.exe, which allows remote attackers to gain access to the web management interface via the vcc parameter, possibly "3560121183d3". | [email protected] | 7.5 | 2.62% | 2003-12-31 | 2026-04-16 |