Trend Micro OfficeScan Multiple CGI Module Vulnerabilities

Nessus Plugin ID 34363 (Severity: High)


The remote host contains an application that is affected by multiple vulnerabilities.


The remote host is running either Worry-Free Business Security or Trend Micro OfficeScan/Trend Micro OfficeScan client. The installed version is affected by multiple vulnerabilities:

- If Trend Micro OfficeScan client 'Tmlisten.exe' is configured to receive updates from other clients, it may be possible to launch a directory traversal attack against the remote host and read arbitrary files.

- A vulnerability in Trend Micro OfficeScan server CGI modules could be exploited to trigger a buffer overflow issue and execute arbitrary code on the remote system with web server privileges.

- A NULL pointer dereference issue could be exploited to trigger a denial of service condition on the remote system.


Upgrade to:

- Trend Micro OfficeScan 7.3 Build 1372.
- Trend Micro OfficeScan 8.0 Build 2439/3087 depending on the current OfficeScan patch level.
- Worry-Free Business Security 5.0 Build 1414.

Plugin Details

Severity: High

ID: 34363

File Name: trendmicro_officescan_multiple_vulns.nasl

Version: $Revision: 1.20 $

Type: local

Agent: windows

Family: Windows

Published: 2008/10/08

Modified: 2016/11/23

Dependencies: 13855

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:trend_micro:officescan

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2008/09/30

Reference Information

CVE: CVE-2008-2439, CVE-2008-4402, CVE-2008-4403

BID: 31531

OSVDB: 48730, 48801, 48802

Secunia: 32097, 31343

CWE: 22, 119, 399