Vulnerability Solutions |
||
| The WatchMouse Periodic Vulnerability Scan checks for the vulnerability below. To see the most recently added vulnerability solutions that are scanned by WatchMouse, go to the Vulnerability Solutions overview | ||
| Category: Windows | Risk factor: High | Added: 8 Oct 2008 |
| Synopsis: The remote host contains an application that is affected by multiple vulnerabilities. Description: The remote host is either running Worry-Free Business Security or Trend Micro OfficeScan/Trend Micro OfficeScan client. The installed version is affected by multiple vulnerabilities : - If Trend Micro OfficeScan client 'Tmlisten.exe' is configured to receive updates from other clients, it may be possible to launch a directory traversal attack against the remote host, and read arbitrary files. - A vulnerability in Trend Micro OfficeScan server CGI modules could be exploited to trigger a buffer overflow issue and execute arbitrary code on the remote system with web server privileges. - A NULL pointer dereference issue could be exploited to trigger a denial of service condition on the remote system. See also: http://secunia.com/secunia_research/2008-39/ http://www.nessus.org/u?14a47516 (v7.3 Build 1372) http://www.nessus.org/u?b5493c8c (v8.0 Service Pack 1, Build 2439) http://www.nessus.org/u?c957bae3 (v8.0 Service Pack 1 Patch 1, Build 3087) http://www.nessus.org/u?cabe4087 (v5.0 WFBS Patch 1414) Solution: Upgrade to : - Trend Micro OfficeScan 7.3 Build 3172. - Trend Micro OfficeScan 8.0 Build 2439/3087 depending on the current OfficeScan patch level. - Worry-Free Business Security 5.0 Build 1414. Risk factor: High / CVSS Base Score : 7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P) |
||
