vendor:
OfficeScan Corporate Edition
by:
SecurityFocus
7.5
CVSS
HIGH
Buffer Overflow and Denial of Service
119
CWE
Product Name: OfficeScan Corporate Edition
Affected Version From: OfficeScan Corporate Edition 8.0 Patch 2 Build 1189 and earlier
Affected Version To: OfficeScan Corporate Edition 7.0 Patch 3 Build 1314 and earlier
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
Trend Micro OfficeScan Corporate Edition Buffer Overflow and Denial of Service Vulnerabilities
Trend Micro OfficeScan Corporate Edition is prone to a buffer-overflow vulnerability and a denial-of-service vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. Successful exploits may allow an attacker to execute arbitrary code with privileges of the user running the application. This may facilitate a complete compromise of vulnerable computers. Failed exploit attempts will likely result in denial-of-service conditions.
Mitigation:
Upgrade to the latest version of Trend Micro OfficeScan Corporate Edition.
