This Remote host is installed with Trend Micro OfficeScan, which is prone to ActiveX control buffer overflow vulnerability.

Successful exploitation could allow remote attackers to execute arbitrary code. Impact Level : Application.

Upgrade to OfficeScan 10 or later, For updates refer to http://uk.trendmicro.com/uk/downloads/enterprise/index.html

The flaws are due to an error in objRemoveCtrl control, which is used to display certain properties (eg., Server, ServerIniFile etc..) and their values when it is embedded in a web page. These property values can be overflowed to cause stack based overflow.

OfficeScan 7.3 build 1343 (Patch 4) and prior on Windows (All). Trend Micro Worry-Free Business Security (WFBS) version 5.0 Trend Micro Client Server Messaging Security (CSM) versions 3.5 and 3.6 Quick Fix: Set killbits for the following clsid's {5EFE8CB1-D095-11D1-88FC-0080C859833B} To set kill-bit refer, http://support.microsoft.com/kb/240797

• http://archives.neohapsis.com/archives/fulldisclosure/2008-07/0509.html

---

Updated on 2017-03-28