Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Windows >> Trend Micro officescan remote buffer overflow vulnerability


Vulnerability Assessment Details

Trend Micro officescan remote buffer overflow vulnerability

Vulnerability Assessment Summary
Checks if vulnerable version Trend Micro Office scan is installed

Detailed Explanation for this Vulnerability Assessment

Summary :

The remote Windows host is affected by a remote buffer overflow
vulnerability.

Description :

The remote host is running Trend Micro Antivirus, a commercial
anti-virus software package for Windows. The remote version of the
installed antivirus is vulnerable to a remote buffer overflow
vulnerability. The issue exists due a vulnerability in the ActiveX
control installed by the OfficeScan server during a web install of the
OfficeScan clients. The clients cache this ActiveX control which can
be exploited by a malicious website. The attacker can trigger this
issue by enticing a user to click on a malicious link or sending the
the link in an email and urging the user to click on it. Successful
exploitation of this issue might result in arbitrary code execution.

See also:

http://www.nessus.org/u?62e87258
http://www.nessus.org/u?14064dc2
http://www.nessus.org/u?2b2f278b
http://www.nessus.org/u?ad4ca3ae

Solution :

Apply the security patch released by the vendor.

Network Security Threat Level:

High / CVSS Base Score : 8.0
(AV:R/AC:H/Au:NR/C:C/I:C/A:C/B:N)

Networks Security ID: 22585

Vulnerability Assessment Copyright: This script is Copyright (C) 2007 Tenable Network Security, Inc

Cables, Connectors

GIGABYTE GA-EP43-UD3L R1.1 LGA 775 Intel P43 Overclocking ATX Intel Motherboard
$69.99
GIGABYTE GA-EP43-UD3L R1.1 LGA 775 Intel P43 Overclocking ATX Intel Motherboard pictureGigabyte Technology GA-Z77X-UD3H, LGA 1155, Intel (GA-Z77X-UD3H (rev. 1.0)) Mot…
$18.8
Gigabyte Technology GA-Z77X-UD3H, LGA 1155, Intel (GA-Z77X-UD3H (rev. 1.0)) Mot… pictureLENOVO YOGA 710-11ISK INTEL MOTHERBOARD NM-A771 5B20L46167 8S5B20L46167 GRADE A
$118.0
LENOVO YOGA 710-11ISK INTEL MOTHERBOARD NM-A771 5B20L46167 8S5B20L46167 GRADE A pictureApple MacBook Air A1370 Logic Board I5-2475M 1.6GHZ Mid 2011 C02HK3FRDJYC
$199.0
Apple MacBook Air A1370 Logic Board  I5-2475M 1.6GHZ  Mid 2011 C02HK3FRDJYC picture


Discussions

No Discussions have been posted on this vulnerability.