Trend Micro OfficeScan client ActiveX control buffer overflow
Added: 02/21/2007CVE: CVE-2007-0325
BID: 22585
OSVDB: 33040
Background
Trend Micro OfficeScan is a centralized virus and security scan management system.Problem
The OfficeScan Web-Deployment SetupINICtrl ActiveX control, which is vulnerable to buffer overflows in multiple methods, is automatically installed on any client which uses the web-based administration console. Exploitation of these buffer overflows by a malicious web page leads to command execution.Resolution
Upgrade to OfficeScan 7.0 Build 1344, OfficeScan 7.3 Build 1241, or Client/Server/Messaging Security 3.0 Build 1197. For more information see Trend Micro solution ID 1034288.References
http://www.kb.cert.org/vuls/id/784369Limitations
Exploit works on the ActiveX control which comes with Trend Micro OfficeScan Corporate Edition 7.3. A computer with the vulnerable ActiveX control must load the exploit page in order for the exploit to succeed. The vulnerable ActiveX control is installed if the computer has previously accessed the following URL where OfficeScanServer is the IP address of the OfficeScan server:http://OfficeScanServer:8080/
Platforms
Windows 2000Windows XP SP0 / Windows XP SP1
Windows XP SP2
Back to exploit index