Intrusion Prevention

TrendMicro.OfficeScan.Client.ActiveX.Buffer.Overflow

Description

This indicates an attack attempt against a buffer-overflow vulnerability in TrendMicro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll.

Affected Products

Trend Micro OfficeScan Corporate Edition version 7.0
Trend Micro OfficeScan Corporate Edition version 7.3

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply patch for osce version 7.0, available from the Web site:
http://www.trendmicro.com/ftp/products/patches/osce_70_win_en_securitypatch_b1344.exe
Apply patch for osce version 7.3, available from the Web site:
http://www.trendmicro.com/ftp/products/patches/osce_73_win_en_securitypatch_b1241.exe

CVE References

CVE-2007-0325