PT-2008-4767 · Trend Micro · Worry-Free Business Security +4

E.B · Published 2008-07-30 · Updated 2017-09-29 · CVE-2008-3364

CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

- Trend Micro OfficeScan Corp Edition (OSCE) Web-Deployment versions 7.0 through 7.3 build 1343 Patch 4
- Trend Micro OfficeScan Corp Edition (OSCE) Web-Deployment version 8.0
- Client Server Messaging Security (CSM) versions 3.5 through 3.6
- Worry-Free Business Security (WFBS) version 5.0
Description

The issue is caused by boundary errors in the OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class ActiveX control, allowing remote attackers to execute arbitrary code via a long string in the Server property, and possibly other properties. This can be exploited when a user visits a malicious web site, resulting in a stack-based buffer overflow. Successful exploitation requires that the OfficeScan client was installed using web deployment.
Recommendations

- Trend Micro OfficeScan Corp Edition (OSCE) Web-Deployment versions 7.0 through 7.3 build 1343 Patch 4: consider disabling the ObjRemoveCtrl Class ActiveX control until a patch is available.
- Trend Micro OfficeScan Corp Edition (OSCE) Web-Deployment version 8.0: restrict access to the OfficeScanRemoveCtrl.dll to minimize the risk of exploitation.
- Client Server Messaging Security (CSM) versions 3.5 through 3.6: avoid using the Server property in the affected ActiveX control until the issue is resolved.
- Worry-Free Business Security (WFBS) version 5.0: as a temporary workaround, consider disabling the ObjRemoveCtrl Class ActiveX control until a patch is available.
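Disabling an ActiveX control on a Windows client is normally done by setting its Internet Explorer "kill bit" (Compatibility Flags 0x400 under the ActiveX Compatibility key), which stops the browser from instantiating the control at all. The script below is an added example, not part of the advisory or of any Trend Micro tooling; the CLSID is a placeholder, because the advisory does not list the control's CLSID, and must be replaced with the one registered under HKCR\CLSID for the ObjRemoveCtrl control.

```powershell
# Added example: set and verify the ActiveX kill bit for one control by CLSID.
# Run from an elevated PowerShell session. The CLSID is a PLACEHOLDER (assumption):
# look it up in HKCR\CLSID on an affected host before using this.
$KillBit = 0x400   # bit 10 of "Compatibility Flags": never instantiate in IE

function Get-KillBitPaths {
    param([Parameter(Mandatory)][string]$Clsid)
    # 64-bit Windows keeps a separate view for 32-bit IE; cover both.
    $paths = @("HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid")
    if ([Environment]::Is64BitOperatingSystem) {
        $paths += "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
    }
    return $paths
}

function Set-ActiveXKillBit {
    param([Parameter(Mandatory)][string]$Clsid)
    foreach ($p in Get-KillBitPaths -Clsid $Clsid) {
        if (-not (Test-Path $p)) { New-Item -Path $p -Force | Out-Null }
        $current = (Get-ItemProperty -Path $p -Name 'Compatibility Flags' `
                    -ErrorAction SilentlyContinue).'Compatibility Flags'
        # OR the bit in so any flags already present are preserved.
        $new = ([int]$current) -bor $KillBit
        Set-ItemProperty -Path $p -Name 'Compatibility Flags' -Value $new -Type DWord
    }
}

function Test-ActiveXKillBit {
    param([Parameter(Mandatory)][string]$Clsid)
    # $true only when every applicable registry view carries the kill bit.
    foreach ($p in Get-KillBitPaths -Clsid $Clsid) {
        $flags = (Get-ItemProperty -Path $p -Name 'Compatibility Flags' `
                  -ErrorAction SilentlyContinue).'Compatibility Flags'
        if ($null -eq $flags -or (($flags -band $KillBit) -eq 0)) { return $false }
    }
    return $true
}

# PLACEHOLDER: replace with the real CLSID of the ObjRemoveCtrl Class control.
$ObjRemoveCtrlClsid = '{00000000-0000-0000-0000-000000000000}'

Set-ActiveXKillBit -Clsid $ObjRemoveCtrlClsid
if (Test-ActiveXKillBit -Clsid $ObjRemoveCtrlClsid) {
    "Kill bit set for $ObjRemoveCtrlClsid"
} else {
    "Kill bit NOT set for $ObjRemoveCtrlClsid (check permissions)"
}
```

Test-ActiveXKillBit can also be run on its own across a fleet to confirm the workaround is in place; the kill bit only blocks instantiation from Internet Explorer, so restricting access to OfficeScanRemoveCtrl.dll, as the advisory recommends for version 8.0, is a complementary control.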

Tags: Exploit · Fix · RCE · Buffer Overflow

Related Identifiers

CVE-2008-3364

Affected Products

Client Server Messaging Security
Trend Micro Officescan Corporate Edition
Trend Micro Officescan Client
Trend Micro Officescan Server
Worry-Free Business Security