Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Trend Micro OfficeScan < 7.3 Build 3172 Client Traversal Arbitrary File Access

Medium

Synopsis

The remote web server is affected by a directory traversal issue.

Description

The version of Trend Micro OfficeScan client running on the remote host is affected by a directory traversal issue, which can be leveraged by an unauthenticated remote attacker to read arbitrary files on the remote host. Note that successful exploitation requires that 'Tmlisten.exe' be configured to receive updates from other clients.

Solution

Upgrade to version 7.3 Build 3172 or higher.