Trend Micro OfficeScan Server CGI Module Authentication Bypass

2015年7月21日

Email
Facebook
Twitter
Google+
Linkedin

危険度: : 緊急

CVE識別番号: CVE-2007-3454

概要

Stack-based buffer overflow in CGIOCommon.dll before 8.0.0.1042 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote attackers to execute arbitrary code via long crafted requests, as demonstrated using a long session cookie to unspecified CGI programs that use this library.

トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

対応方法

Trend Micro Deep Security DPI Rule Number: 1001050

Trend Micro Deep Security DPI Rule Name: 1001050 - Trend Micro OfficeScan Server CGI Module Authentication Bypass

影響を受けるソフトウェア

Trend Micro OfficeScan 7.3
Trend Micro OfficeScan 8.0