|
|
|
|
Trend Micro OfficeScan Client ActiveX Control Buffer Overflows
|
|
Secunia Advisory:
|
SA24193
|
|
|
Release Date:
|
2007-02-16
|
|
Last Update:
|
2007-03-07
|
|
Popularity:
|
15,404 views
|
|
|
Critical:
|
Highly critical
|
|
Impact:
|
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | Trend Micro Client Server Messaging Security for SMB 2.x
Trend Micro Client Server Messaging Security for SMB 3.x
Trend Micro OfficeScan Corporate Edition 6.x
Trend Micro OfficeScan Corporate Edition 7.x
|
|
|
Binary Analysis:
|
BA49 :: Available for 1 Credit 
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
| | CVE reference: | CVE-2007-0325
|
|
Description:
Some vulnerabilities have been discovered in Trend Micro OfficeScan, which can be exploited by malicious people to compromise a user's system.
The vulnerabilities are caused due to boundary errors within the OfficeScan Corp Edition Web-Deployment SetupINI ActiveX control (OfficeScanSetupINI.dll) on an OfficeScan client when attempting to display a list of configuration settings. This can be exploited to cause stack-based buffer overflows by passing overly long properties when a user e.g. visits a malicious web site.
Successful exploitation allows execution of arbitrary code, but requires that OfficeScan client was installed using web deployment.
The vulnerabilities reportedly affect the following products:
* OfficeScan versions 7.3, 7.0, 6.5, and 5.58.
• Client Server Messaging Security versions 3.5, 3.0, and 2.0.
Solution:
Apply patches.
OfficeScan 7.0:
http://www.trendmicro.com/ftp/product...sce_70_win_en_securitypatch_b1344.exe
OfficeScan 7.3:
http://www.trendmicro.com/ftp/product...sce_73_win_en_securitypatch_b1241.exe
OfficeScan 6.0 in Client Server Messaging Security 2.0:
http://www.trendmicro.com/ftp/product...sce_60_win_en_securitypatch_b1393.exe
OfficeScan 6.5:
http://www.trendmicro.com/ftp/product...sce_65_win_en_securitypatch_b1448.exe
Client Server Messaging Security 3.0:
http://www.trendmicro.com/ftp/product...sce_72_win_en_securitypatch_b1197.exe
The fixes for the following products are reportedly scheduled for release on March 2, 2007:
* OfficeScan version 5.58
* Client Server Messaging Security 3.5
Provided and/or discovered by:
Will Dormann, CERT/CC.
Changelog:
2007-02-19: Added additional details by Secunia Research.
2007-02-20: Updated description, credits, and vendor links. Added link to US-CERT and CVE reference. Changed "Solution Status" from patched to "Partial Fix" to reflect information from vendor regarding other affected products/versions.
2007-03-05: Updated "Solution Status" and "Solution" sections.
2007-03-07: Updated "Solution" section to add links for Client Server Messaging Security 2.0 and OfficeScan 6.5 solutions.
Original Advisory:
Trend Micro:
http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034288
http://www.trendmicro.com/ftp/documen..._win_en_securitypatch_1344_readme.txt
http://www.trendmicro.com/ftp/documen..._win_en_securitypatch_1241_readme.txt
http://www.trendmicro.com/ftp/documen..._win_en_securitypatch_1197_readme.txt
http://www.trendmicro.com/ftp/documen..._win_en_securitypatch_1448_readme.txt
http://www.trendmicro.com/ftp/documen..._win_en_securitypatch_1393_readme.txt
Other References:
US-CERT VU#784369:
http://www.kb.cert.org/vuls/id/784369
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
10th Oct, 2008
|
New advisories:
|
15 |
|
New vulnerabilities:
|
83 |
|
Updated advisories:
|
41 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
 Solutions | More...
|
|
|
|
Send Feedback to Secunia
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
|
|
|
