| VID |
23172 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
Daemon |
| Detailed Description |
The OfficeScan server is vulnerable to two buffer overflow vulnerabilities which exist in version 7.3. OfficeScan, developed by Trend Micro, Inc., is an antivirus application for Microsoft Windows operating systems. OfficeScan Server version 7.3 is vulnerable to multiple buffer overflow vulnerabilities in the CgiRemoteInstall.exe and Wizard.exe components in the \PCCSRV\Web_console\RemoteInstallCGI folder. A remote attacker could exploit these vulnerabilities to execute arbitrary code on the OfficeScan server with SYSTEM privileges.
* Platforms Affected:
Trend Micro, Inc., OfficeScan Server version 7.3
Microsoft Windows Any version |
| Recommendation |
Install 2 patches for OfficeScan 7.3, as listed in Trend Micro, Inc. Web sites:
http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1031702
http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1031753 |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
