HTTP: Trend Micro OfficeScan ActiveX Control Buffer Overflow
This signature detects attempts to exploit a known vulnerability against Trend Micro OfficeScan. An attacker can create a malicious Web page containing dangerous ActiveX calls, which if visited, can allow the attacker to gain control of the victim's system.
Extended Description
Trend Micro OfficeScan Client is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. Exploiting this issue allows remote attackers to execute arbitrary code in the context of applications using the affected ActiveX control and to compromise affected computers. Failed attempts will likely result in denial-of-service conditions.
Affected Products
Trend_micro officescan_corporate_edition
References
BugTraq: 22585
CVE: CVE-2007-0325
URL: http://www.trendmicro.com/ftp/documentation/readme/osce_70_win_en_securitypatch_1344_readme.txt
Short Name
HTTP:STC:CLSID:ACTIVEX:TREND-AX
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ActiveX Buffer CVE-2007-0325 Control Micro OfficeScan Overflow Trend bid:22585
Release Date
02/28/2007
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Trend_micro
CVSS Score
9.3