CVE-2006-5157

Name of the Vulnerable Software and Affected Versions TrendMicro OfficeScan Corporate Edition versions prior to 7.3 Patch 1

Description The issue is related to a format string vulnerability in the ActiveX control (ATXCONSOLE.OCX) of TrendMicro OfficeScan Corporate Edition. This vulnerability allows remote attackers to execute arbitrary code via format string identifiers in the "Management Console's Remote Client Install name search".

Recommendations For versions prior to 7.3 Patch 1, update to version 7.3 Patch 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the Management Console's Remote Client Install name search feature until a patch is applied.