Trend Micro OfficeScan OfficeScanSetupINI.dll Remote Buffer Overflow

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host is affected by a remote buffer overflow
vulnerability.

Description :

The remote host is running Trend Micro Antivirus, a commercial anti-
virus software package for Windows.

The remote version of the installed antivirus is vulnerable to a
remote buffer overflow attack.

The issue exists due a vulnerability in the ActiveX control installed
by the OfficeScan server during a web install of the OfficeScan
clients. The clients cache this ActiveX control, which can be
exploited by a malicious website. The attacker can trigger this issue
by enticing a user to click on a malicious link or sending the link in
an email and urging the user to click on it. Successful exploitation
of this issue might result in arbitrary code execution.

See also :

http://www.nessus.org/u?62e87258
http://www.nessus.org/u?14064dc2
http://www.nessus.org/u?2b2f278b
http://www.nessus.org/u?ad4ca3ae

Solution :

Apply the security patch released by the vendor.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 24683 ()

Bugtraq ID: 22585

CVE ID: CVE-2007-0325

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now