Trend Micro OfficeScan Directory Traversal Vulnerability
Publish date: 27 de julio de 2016
Gravedad: Medio
Identificadores de CVE : CVE-2008-2439
Descripción
Directory traversal vulnerability in the UpdateAgent function in TmListen.exe in the OfficeScanNT Listener service in the client in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1372, OfficeScan 8.0 SP1 before build 1222, OfficeScan 8.0 SP1 Patch 1 before build 3087, and Worry-Free Business Security 5.0 before build 1220 allows remote attackers to read arbitrary files via directory traversal sequences in an HTTP request. NOTE: some of these details are obtained from third party information.
Revelación de la información
Apply associated Trend Micro DPI Rules.
Soluciones
Trend Micro Deep Security DPI Rule Number: 1003177
Trend Micro Deep Security DPI Rule Name: 1003177 - Trend Micro OfficeScan Directory Traversal Vulnerability
Software y versión afectados
- trend_micro officescan 7.3
- trend_micro officescan 8.0
- trend_micro worry_free_business_security 5.0