Intrusion PreventionTrend.Micro.OfficeScan.CGI.Buffer.Overflow
Description
This indicates an attempt to exploit a stack based buffer overflow vulnerability in Trend Micro OfficeScan Server.
The vulnerability is caused by an error in the CGI console application "cgiChkMasterPwd.exe", which fails to properly check user supplied data before copying it into an insufficiently sized buffer. Successful exploitation may allow an attacker to execute arbitrary code on a vulnerable system.
Affected Products
Trend Micro OfficeScan Corporate Edition for SMB2.0 6.0
Trend Micro OfficeScan Corporate Edition 8.0
Trend Micro OfficeScan Corporate Edition 7.3
Trend Micro OfficeScan Corporate Edition 7.0
Trend Micro OfficeScan Corporate Edition 6.5
Trend Micro Client Server Messaging Security for SMB 3.6
Trend Micro Client Server Messaging Security for SMB 3.5
Trend Micro Client Server Messaging Security for SMB 3.0
Impact
System compromise: remote code execution.
Recommended Actions
Apply patches:
Trend Micro Client Server Messaging Security for SMB 3.5
* Trend Micro csm_35_osce_75_win_en_securitypatch_b1152.exe
* Trend Micro csm_36_osce_76_win_en_securitypatch_b1149.exe
Trend Micro Client Server Messaging Security for SMB 3.0
* Trend Micro csm_30_osce_72_win_en_securitypatch_b1209.exe
Trend Micro OfficeScan Corporate Edition 8.0
* Trend Micro Trend Micro OfficeScan security patch 1042
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2023-08-01 | 25.612 | Name:TrendMicro. OfficeScan. CGI. Buffer. Overflow:Trend. Micro. OfficeScan. CGI. Buffer. Overflow |
| ID | 15013 |
| Created | Oct 01, 2007 |
| Updated | Jul 31, 2023 |
| Risk |
|
| CVE ID | CVE-2007-3454 CVE-2008-1365 |
| Exploit Prediction Score | 80.3% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | Other |