CVE-2007-0325

Currently unrated

Key Information:

Vendor: Trend Micro
Status: Officescan Corporate Edition; Client-server-messaging Security
Vendor: CVE Published:; 20 February 2007

Summary

Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 before Build 1197, allow remote attackers to execute arbitrary code via a crafted HTML document.

References

http://esupport.trendmicro.com/support/viewxml.do?Content...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/22585

vdb-entryx_refsource_BID

http://www.kb.cert.org/vuls/id/784369

third-party-advisoryx_refsource_CERT-VN

EPSS Score

89% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 20, 2007
Vulnerability Reserved
Jan 17, 2007