Lucene search
RootSSV:4283HistoryOct 23, 2008 - 12:00 a.m.
趋势科技OfficeScan CGI解析栈溢出漏洞
2008-10-2300:00:00
Root
www.seebug.org
21
0.55 Medium
EPSS
Percentile
97.3%
BUGTRAQ ID: 31859
CVE(CAN) ID: CVE-2008-3862
OfficeScan是一种针对整个网段的分布式杀毒软件。
OfficeScan服务器在解析CGI请求时存在栈溢出漏洞。如果远程攻击者通过HTTP POST请求向受影响的CGI可执行程序发送了特制的表单数据的话,就可以触发这个溢出,导致执行任意指令。
Trend Micro OfficeScan 8.0
Trend Micro OfficeScan 7.3
Trend Micro
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
<a href=“http://www.trendmicro.com/ftp/products/patches/OSCE_8.0_SP1_Patch1_Win_EN_CriticalPatch_B3110.exe” target=“_blank”>http://www.trendmicro.com/ftp/products/patches/OSCE_8.0_SP1_Patch1_Win_EN_CriticalPatch_B3110.exe</a>
<a href=“http://www.trendmicro.com/ftp/products/patches/OSCE_7.3_Win_EN_CriticalPatch_B1374.exe” target=“_blank”>http://www.trendmicro.com/ftp/products/patches/OSCE_7.3_Win_EN_CriticalPatch_B1374.exe</a>
Related
saint
saint
Trend Micro OfficeScan CGI programs POST request buffer overflow
2008-10-31 00:00:00
Trend Micro OfficeScan CGI programs POST request buffer overflow
2008-10-31 00:00:00
Trend Micro OfficeScan CGI programs POST request buffer overflow
2008-10-31 00:00:00
prion
prion
Stack overflow
2008-10-23 22:00:00
checkpoint_advisories
checkpoint_advisories
openvas
openvas
Trend Micro OfficeScan CGI Parsing Buffer Overflow Vulnerability
2008-10-29 00:00:00
Trend Micro OfficeScan CGI Parsing Buffer Overflow Vulnerability
2008-10-29 00:00:00
d2
d2
DSquare Exploit Pack: D2SEC_TRENDOFFICE
2008-10-23 22:00:00
nessus
nessus
Trend Micro OfficeScan HTTP Request Remote Buffer Overflow
2008-10-24 00:00:00
securityvulns
securityvulns
Secunia Research: Trend Micro OfficeScan CGI Parsing Buffer Overflows
2008-10-29 00:00:00
Trend Micro OfficeScan buffer overflow
2008-10-29 00:00:00
cve
cve
CVE-2008-3862
2008-10-23 22:00:00