CVE-2006-5157

Опубликовано: 05 окт. 2006

Источник: nvd

CVSS2: 5.1

EPSS Средний

Описание

Format string vulnerability in the ActiveX control (ATXCONSOLE.OCX) in TrendMicro OfficeScan Corporate Edition (OSCE) before 7.3 Patch 1 allows remote attackers to execute arbitrary code via format string identifiers in the "Management Console's Remote Client Install name search".

Ссылки

http://secunia.com/advisories/22224
Patch
Vendor Advisory
http://securityreason.com/securityalert/1682
http://securitytracker.com/id?1016963
Patch
http://www.kb.cert.org/vuls/id/788860
US Government Resource
http://www.layereddefense.com/TREND01OCT.html
Patch
http://www.securityfocus.com/archive/1/447498/100/0/threaded
http://www.securityfocus.com/bid/20284
Patch
http://www.vupen.com/english/advisories/2006/3870
https://exchange.xforce.ibmcloud.com/vulnerabilities/29308
http://secunia.com/advisories/22224
Patch
Vendor Advisory
http://securityreason.com/securityalert/1682
http://securitytracker.com/id?1016963
Patch
http://www.kb.cert.org/vuls/id/788860
US Government Resource
http://www.layereddefense.com/TREND01OCT.html
Patch
http://www.securityfocus.com/archive/1/447498/100/0/threaded
http://www.securityfocus.com/bid/20284
Patch
http://www.vupen.com/english/advisories/2006/3870
https://exchange.xforce.ibmcloud.com/vulnerabilities/29308

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:trend_micro:officescan:corporate_7.3:*:*:*:*:*:*:*

EPSS

Процентиль: 95%

0.19033

Средний

5.1 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-qwcf-2fhq-7mmv

github

почти 4 года назад