|
|
| |
| "Protect your desktops, laptops, and file servers with OfficeScan, comprehensive security against today's complex, blended threats and Web-based attacks." Secunia Research has discovered a vulnerability in Trend Micro OfficeScan Server, which can be exploited by malicious people to compromise a vulnerable system. |
| |
Credit:
The information has been provided by Secunia Research.
The original article can be found at: http://secunia.com/secunia_research/2008-40/
|
| |
Vulnerable Systems:
* Trend Micro OfficeScan version 7.3 patch 4 build 1367
A boundary error when parsing CGI requests can be exploited to cause a stack-based buffer overflow via an HTTP POST request to an affected CGI executable with specially crafted form data.
Successful exploitation allows execution of arbitrary code.
Solution:
Apply patches available from Trend Micro.
Time Table:
24/09/2008 - Vendor notified.
24/09/2008 - Vendor response.
30/09/2008 - Vendor confirms vulnerability.
22/10/2008 - Public disclosure.
CVE Information:
CVE-2008-3862
|
|
|
