CVE-2006-5211
CVE-2006-5211 is a medium-severity vulnerability in Trend Micro Officescan Corporate Edition with a CVSS 2.0 base score of 6.4. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Medium (CVSS 2.0 base score 6.4)
- EPSS exploit prediction: 3% (84th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Trend Micro Officescan Corporate Edition
- Published:
- Last modified:
Description
Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to remove OfficeScan clients via a certain HTTP request that invokes the OfficeScan CGI program.
Frequently asked questions
- What is CVE-2006-5211?
- Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to remove OfficeScan clients via a certain HTTP request that invokes the OfficeScan CGI program.
- How severe is CVE-2006-5211?
- CVE-2006-5211 has a CVSS 2.0 base score of 6.4, rated medium severity.
- Is CVE-2006-5211 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 3% (84th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2006-5211?
- CVE-2006-5211 primarily affects Trend Micro Officescan Corporate Edition. In total, 3 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2006-5211?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2006-5211 published?
- CVE-2006-5211 was published on 2006-10-10 and last updated on 2026-06-16.
References
- http://secunia.com/advisories/22156
- http://www.securityfocus.com/bid/20330
- http://www.trendmicro.com/download/product.asp?productid=5
- http://www.trendmicro.com/ftp/documentation/readme/csm_2.0_osce_6.0_win_en_securitypatch_1385_readme.txt
- http://www.trendmicro.com/ftp/documentation/readme/osce_6.5_win_en_securitypatch_1418_readme.txt
- http://www.trendmicro.com/ftp/documentation/readme/osce_7.3_win_en_securitypatch_1053_readme.txt
- http://www.trendmicro.com/ftp/documentation/readme/osce_70_win_en_securitypatch_1257_readme.txt
- http://www.vupen.com/english/advisories/2006/3882
Affected products (3)
- cpe:2.3:a:trend_micro:officescan_corporate_edition:6.5:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:officescan_corporate_edition:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:officescan_corporate_edition:7.3:*:*:*:*:*:*:*
More vulnerabilities in Trend Micro Officescan Corporate Edition
- CVE-2007-0325 — Critical (CVSS 9.3): Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in…
- CVE-2008-1365 — Medium (CVSS 6.4): Stack-based buffer overflow in Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and earlier, and 7.3…
- CVE-2008-1366 — Medium (CVSS 5.0): Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and earlier, and 7.3 Patch 3 build 1314 and earlier,…
All CVEs affecting Trend Micro Officescan Corporate Edition →