1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Trend Micro Officescan Client AX BO

HTTP Trend Micro Officescan Client AX BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer overflow vulnerability in the Trend Micro OfficeScan Client ActiveX control.

Additional Information

Trend Micro OfficeScan is an integrated enterprise-level security product that protects against viruses, spyware, worms, and blended threats.

Trend Micro OfficeScan is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.n nThis issue arises in an unspecified ActiveX control shipped with the application.

Exploiting this issue allows remote attackers to execute arbitrary code in the context of applications using the affected ActiveX control and to compromise affected computers. Failed attempts will likely result in denial-of-service conditions.

Affected

  • Trend Micro OfficeScan Corporate Edition 7.0, 7.3

Response

Download and install patches from the vendor related to this issue.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube