CVE-2008-2437 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-2437
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-2437

Description: Stack-based buffer overflow in cgiRecvFile.exe in Trend Micro OfficeScan 7.3 patch 4 build 1362 and other builds, OfficeScan 8.0 and 8.0 SP1, and Client Server Messaging Security 3.6 allows remote attackers to execute arbitrary code via an HTTP request containing a long ComputerName parameter.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/45072 ST 1020860 SREASON http://securityreason.com/securityalert/4263 SAID Secunia Advisory: SA31342 MISC http://secunia.com/secunia_research/2008-35/ CONFIRM http://www.trendmicro.com/ftp/documentation/readme/OSCE_8.0_Win_EN_CriticalPatch_B1361_readme.txt http://www.trendmicro.com/ftp/documentation/readme/OSCE_8.0_SP1_Win_EN_CriticalPatch_B2424_readme.txt http://www.trendmicro.com/ftp/documentation/readme/OSCE_8.0_SP1_Patch1_Win_EN_CriticalPatch_B3060_readme.txt http://www.trendmicro.com/ftp/documentation/readme/CSM_3.6_OSCE_7.6_Win_EN_CriticalPatch_B1195_readme.txt http://www.trendmicro.com/ftp/documentation/readme/OSCE_7.3_Win_EN_CriticalPatch_B1367_readme.txt BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/496281/100/0/threaded BID 31139

Return to the previous page.