Stack-Based Buffer Overflow in Trend Micro OfficeScan Products
CVE-2008-2437

Currently unrated

Key Information:

Vendor

Trend Micro
Status
Client-server-messaging Security
Officescan
Vendor
CVE Published:
16 September 2008

What is CVE-2008-2437?

A stack-based buffer overflow occurs in cgiRecvFile.exe within Trend Micro OfficeScan versions 7.3 patch 4, 8.0, and 8.0 SP1, as well as Client Server Messaging Security 3.6. This vulnerability can be exploited by remote attackers sending specially crafted HTTP requests with excessively long ComputerName parameters, potentially allowing them to execute arbitrary code on the affected systems. It is crucial for organizations using these products to implement necessary patches and safeguard their networks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.trendmicro.com/ftp/documentation/readme/OSCE_7...
x_refsource_CONFIRM
http://www.trendmicro.com/ftp/documentation/readme/OSCE_8...
x_refsource_CONFIRM
http://securityreason.com/securityalert/4263
third-party-advisoryx_refsource_SREASON

EPSS Score

24% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.