Intrusion Prevention

TrendMicro.OfficeScan.CGI.Modules.Buffer.Overflow

Description

This indicates an attack attempt against a buffer-overflow vulnerability in Trend Micro OfficeScan.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted HTTP request. It allows a remote attacker to execute arbitrary code.

Affected Products

Trend Micro OfficeScan 8.0 Service Pack 1
Trend Micro OfficeScan 8.0
Trend Micro OfficeScan 7.3

Impact

System Compromise
Denial of Service

Recommended Actions

Apply the appropriate patch from the vendor:
Trend Micro OfficeScan 8.0 Service Pack 1:
http://www.trendmicro.com/ftp/product...Patch1_Win_EN_CriticalPatch_B3110.exe
Trend Micro OfficeScan 7.3:
http://www.trendmicro.com/ftp/product...CE_7.3_Win_EN_CriticalPatch_B1374.exe

CVE References

CVE-2008-3862