|
 |
|
Trend Micro OfficeScan Client ActiveX Control Buffer Overflows
|
|
|
|
|
Secunia Advisory:
|
SA24193
|
|
|
Release Date:
|
2007-02-16
|
|
Last Update:
|
2007-03-07
|
|
|
Critical:
|
Highly critical
|
|
Impact:
|
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | Trend Micro Client Server Messaging Security for SMB 2.x
Trend Micro Client Server Messaging Security for SMB 3.x
Trend Micro OfficeScan Corporate Edition 6.x
Trend Micro OfficeScan Corporate Edition 7.x
|
| | CVE reference: | CVE-2007-0325 (Secunia mirror)
|
|
|
Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS! |
|
|
Description:
Some vulnerabilities have been discovered in Trend Micro OfficeScan, which can be exploited by malicious people to compromise a user's system.
The vulnerabilities are caused due to boundary errors within the OfficeScan Corp Edition Web-Deployment SetupINI ActiveX control (OfficeScanSetupINI.dll) on an OfficeScan client when attempting to display a list of configuration settings. This can be exploited to cause stack-based buffer overflows by passing overly long properties when a user e.g. visits a malicious web site.
Successful exploitation allows execution of arbitrary code, but requires that OfficeScan client was installed using web deployment.
The vulnerabilities reportedly affect the following products:
* OfficeScan versions 7.3, 7.0, 6.5, and 5.58.
• Client Server Messaging Security versions 3.5, 3.0, and 2.0.
Do you have this product installed on your home computer? Scan using the free Personal Software Inspector. Check if a vulnerable version is installed on computers in your corporate network, scan using the Network Software Inspector.
Solution:
Apply patches.
OfficeScan 7.0:
http://www.trendmicro.com/ftp/product...sce_70_win_en_securitypatch_b1344.exe
OfficeScan 7.3:
http://www.trendmicro.com/ftp/product...sce_73_win_en_securitypatch_b1241.exe
OfficeScan 6.0 in Client Server Messaging Security 2.0:
http://www.trendmicro.com/ftp/product...sce_60_win_en_securitypatch_b1393.exe
OfficeScan 6.5:
http://www.trendmicro.com/ftp/product...sce_65_win_en_securitypatch_b1448.exe
Client Server Messaging Security 3.0:
http://www.trendmicro.com/ftp/product...sce_72_win_en_securitypatch_b1197.exe
The fixes for the following products are reportedly scheduled for release on March 2, 2007:
* OfficeScan version 5.58
* Client Server Messaging Security 3.5
Provided and/or discovered by:
Will Dormann, CERT/CC.
Changelog:
2007-02-19: Added additional details by Secunia Research.
2007-02-20: Updated description, credits, and vendor links. Added link to US-CERT and CVE reference. Changed "Solution Status" from patched to "Partial Fix" to reflect information from vendor regarding other affected products/versions.
2007-03-05: Updated "Solution Status" and "Solution" sections.
2007-03-07: Updated "Solution" section to add links for Client Server Messaging Security 2.0 and OfficeScan 6.5 solutions.
Original Advisory:
Trend Micro:
http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034288
http://www.trendmicro.com/ftp/documen..._win_en_securitypatch_1344_readme.txt
http://www.trendmicro.com/ftp/documen..._win_en_securitypatch_1241_readme.txt
http://www.trendmicro.com/ftp/documen..._win_en_securitypatch_1197_readme.txt
http://www.trendmicro.com/ftp/documen..._win_en_securitypatch_1448_readme.txt
http://www.trendmicro.com/ftp/documen..._win_en_securitypatch_1393_readme.txt
Other References:
US-CERT VU#784369:
http://www.kb.cert.org/vuls/id/784369
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
11 Related Secunia Security Advisories, displaying 10
|
|
|
1. Trend Micro OfficeScan CGI Module and Policy Server Buffer Overflows
|
|
2. Trend Micro Scan Engine Tmxpflt.sys Privilege Escalation Vulnerability
|
|
3. Trend Micro OfficeScan CGI Modules Buffer Overflow and Authentication Bypass
|
|
4. Trend Micro Products UPX Processing Denial of Service
|
|
5. Trend Micro Products UPX Processing Buffer Overflow Vulnerability
|
|
6. Trend Micro Products IOCTL Handler Privilege Escalation
|
|
7. Trend Micro Products RAR Processing Denial Of Service
|
|
8. OfficeScan Corporate Edition "ATXCONSOLE.OCX" Format String Vulnerability
|
|
9. Trend Micro OfficeScan Client Removal and Arbitrary File Deletion
|
|
10. Trend Micro Products AntiVirus Library Buffer Overflow
|
Show all related advisories
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
|
|
Secunia PSI
Scan | Patch | Track
Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|
