icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Trend Micro OfficeScan HTTP Request Buffer Overflow

High

Synopsis

The remote host contains an application that is affected by a buffer overflow vulnerability.

Description

Trend Micro OfficeScan is installed on the remote host. The installed version is affected by a buffer overflow vulnerability. By sending a specially crafted HTTP request to Trend Micro OfficeScan server CGI modules, it may be possible to trigger a stack based buffer overflow. Successful exploitation of this issue may result in arbitrary code execution on the remote system.

Solution

Upgrade to :\n\n - Trend Micro OfficeScan 7.3 Build 1374 or higher\n - Trend Micro OfficeScan 8.0 Build 3110 or higher