|
|
Family: Windows --> Category: infos
Trend Micro officescan remote buffer overflow vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks if vulnerable version Trend Micro Office scan is installed
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote Windows host is affected by a remote buffer overflow
vulnerability.
Description :
The remote host is running Trend Micro Antivirus, a commercial
anti-virus software package for Windows. The remote version of the
installed antivirus is vulnerable to a remote buffer overflow
vulnerability. The issue exists due a vulnerability in the ActiveX
control installed by the OfficeScan server during a web install of the
OfficeScan clients. The clients cache this ActiveX control which can
be exploited by a malicious website. The attacker can trigger this
issue by enticing a user to click on a malicious link or sending the
the link in an email and urging the user to click on it. Successful
exploitation of this issue might result in arbitrary code execution.
See also:
http://www.nessus.org/u?62e87258
http://www.nessus.org/u?14064dc2
http://www.nessus.org/u?2b2f278b
http://www.nessus.org/u?ad4ca3ae
Solution :
Apply the security patch released by the vendor.
Threat Level:
High / CVSS Base Score : 8.0
(AV:R/AC:H/Au:NR/C:C/I:C/A:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
