Trend Micro OfficeScan client ActiveX control buffer overflow

Added: 02/21/2007
CVE: CVE-2007-0325
BID: 22585
OSVDB: 33040


Trend Micro OfficeScan is a centralized virus and security scan management system.


The OfficeScan Web-Deployment SetupINICtrl ActiveX control, which is vulnerable to buffer overflows in multiple methods, is automatically installed on any client which uses the web-based administration console. Exploitation of these buffer overflows by a malicious web page leads to command execution.


Upgrade to OfficeScan 7.0 Build 1344, OfficeScan 7.3 Build 1241, or Client/Server/Messaging Security 3.0 Build 1197. For more information see Trend Micro solution ID 1034288.



Exploit works on the ActiveX control which comes with Trend Micro OfficeScan Corporate Edition 7.3. A computer with the vulnerable ActiveX control must load the exploit page in order for the exploit to succeed. The vulnerable ActiveX control is installed if the computer has previously accessed the following URL where OfficeScanServer is the IP address of the OfficeScan server:


Windows 2000
Windows XP SP0 / Windows XP SP1
Windows XP SP2

Back to exploit index