Stack-based Buffer Overflow in Trend Micro OfficeScan Corporate Edition
CVE-2008-1365

Currently unrated

Key Information:

Vendor: Trend Micro
Status: Officescan Corporate Edition
Vendor: CVE Published:; 17 March 2008

🔔 Create Trend Micro Vulnerability Alert

What is CVE-2008-1365?

A stack-based buffer overflow exists in Trend Micro OfficeScan Corporate Edition due to inadequate validation of input in specific executables. This vulnerability allows remote attackers to craft a long encrypted password, leading to the potential execution of arbitrary code or denial of service. Attackers may exploit this flaw via cgiChkMasterPwd.exe and policyserver.exe, affecting the security integrity of systems running the affected versions.

References

http://www.vupen.com/english/advisories/2008/0702

vdb-entryx_refsource_VUPEN

http://www.securitytracker.com/id?1019523

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/28020

vdb-entryx_refsource_BID

EPSS Score

75% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 17, 2008
Vulnerability Reserved
Mar 17, 2008