This host is installed with Trend Micro OfficeScan and is prone to stack based buffer overflow vulnerability. The vulnerability is due to boundary error in the CGI modules when processing specially crafted HTTP request.

Allows an attacker to execute arbitrary code, which may facilitate a complete compromise of vulnerable system. Impact Level: Application

Apply patch Apply patch Trend Micro OfficeScan Corporate Edition 8.0 from, http://www.trendmicro.com/ftp/products/patches/OSCE_8.0_SP1_Patch1_Win_EN_CriticalPatch_B3110.exe Apply patch Trend Micro OfficeScan Corporate Edition 7.3 from, http://www.trendmicro.com/ftp/products/patches/OSCE_7.3_Win_EN_CriticalPatch_B1374.exe ***** NOTE: Ignore this warning, if above mentioned patch is already applied. *****

TrendMicro OfficeScan Corporate Edition 7.3 Build prior to 1374. TrendMicro OfficeScan Corporate Edition 8.0 Build prior to 3110.

• http://seclists.org/bugtraq/2008/Oct/0169.html
• http://secunia.com/advisories/32005/
• http://www.trendmicro.com/ftp/documentation/readme/OSCE_7.3_CriticalPatch_B1374_readme.txt
• http://www.trendmicro.com/ftp/documentation/readme/OSCE_8.0_sp1p1_CriticalPatch_B3110_readme.txt

---

Updated on 2015-03-25