Trend Micro OfficeScan OfficeScanSetupINI.dll Remote Buffer Overflow

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.

Synopsis :

The remote Windows host is affected by a remote buffer overflow

Description :

The remote host is running Trend Micro Antivirus, a commercial anti-
virus software package for Windows.

The remote version of the installed antivirus is vulnerable to a
remote buffer overflow attack.

The issue exists due a vulnerability in the ActiveX control installed
by the OfficeScan server during a web install of the OfficeScan
clients. The clients cache this ActiveX control, which can be
exploited by a malicious website. The attacker can trigger this issue
by enticing a user to click on a malicious link or sending the link in
an email and urging the user to click on it. Successful exploitation
of this issue might result in arbitrary code execution.

See also :

Solution :

Apply the security patch released by the vendor.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.7
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 24683 ()

Bugtraq ID: 22585

CVE ID: CVE-2007-0325

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now