Описание
Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 before Build 1197, allow remote attackers to execute arbitrary code via a crafted HTML document.
Ссылки
- PatchVendor Advisory
- US Government Resource
- Vendor Advisory
- PatchVendor Advisory
- US Government Resource
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:trend_micro:client-server-messaging_security:3.0:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:officescan_corporate_edition:7.0:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:officescan_corporate_edition:7.3:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.75675
Высокий
9.3 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
больше 3 лет назад
Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 before Build 1197, allow remote attackers to execute arbitrary code via a crafted HTML document.
EPSS
Процентиль: 99%
0.75675
Высокий
9.3 Critical
CVSS2
Дефекты
CWE-119