PT-2008-5204 · Trend Micro · Trend Micro Officescan

Published: 2008-10-23 · Updated: 2018-10-11 · CVE-2008-3862

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

Trend Micro OfficeScan versions 7.3 Patch 4 build 1367 through 7.3 Patch 4 build 1373
Trend Micro OfficeScan version 8.0 SP1 Patch 1 before build 3110

Description

A stack-based buffer overflow in the server's CGI programs allows remote attackers to execute arbitrary code via an HTTP POST request containing crafted form data. The flaw is in the parsing of CGI requests.

Recommendations

For Trend Micro OfficeScan versions 7.3 Patch 4 build 1367 through 7.3 Patch 4 build 1373, update to build 1374 or later.
For Trend Micro OfficeScan version 8.0 SP1 Patch 1 before build 3110, update to build 3110 or later.
As a temporary workaround, consider restricting access to CGI programs within the server to minimize the risk of exploitation.

Fix

RCE

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2008-3862

Affected Products

Trend Micro Officescan