Denial of Service Vulnerability in Trend Micro OfficeScan Corporate Edition
CVE-2008-1366

Currently unrated

Key Information:

Vendor: Trend Micro
Status: Officescan Corporate Edition
Vendor: CVE Published:; 17 March 2008

Summary

The vulnerability in Trend Micro OfficeScan Corporate Edition allows remote attackers to exploit the application by sending malicious HTTP requests. Specifically, requests that lack a Content-Length header or contain invalid characters in unspecified CGI arguments can lead to a NULL pointer dereference, resulting in process consumption and potential service disruption. This could affect the availability of the service, making it essential for users to apply patches and mitigate risks associated with this vulnerability.

References

http://www.vupen.com/english/advisories/2008/0702

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/28020

vdb-entryx_refsource_BID

http://www.securitytracker.com/id?1019522

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Mar 17, 2008
Vulnerability Reserved
Mar 17, 2008