Описание
Stack-based buffer overflow in CGI programs in the server in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1374, and 8.0 SP1 Patch 1 before build 3110, allows remote attackers to execute arbitrary code via an HTTP POST request containing crafted form data, related to "parsing CGI requests."
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- Patch
- Patch
- PatchVendor Advisory
- Vendor Advisory
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:trend_micro:officescan:7.3:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:officescan:8.0:sp1:*:*:*:*:*:*
EPSS
Процентиль: 97%
0.34509
Средний
10 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Stack-based buffer overflow in CGI programs in the server in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1374, and 8.0 SP1 Patch 1 before build 3110, allows remote attackers to execute arbitrary code via an HTTP POST request containing crafted form data, related to "parsing CGI requests."
EPSS
Процентиль: 97%
0.34509
Средний
10 Critical
CVSS2
Дефекты
CWE-119