CVE-2008-3864

Name of the Vulnerable Software and Affected Versions Trend Micro OfficeScan version 8.0 SP1 Patch 1 Trend Micro Internet Security versions 2007 and 2008 17.0.1224

Description The issue concerns the ApiThread function in the firewall service of Trend Micro Network Security Component modules. It allows remote attackers to cause a denial of service by crashing the service with a packet containing a large value in an unspecified size field.

Recommendations For Trend Micro OfficeScan version 8.0 SP1 Patch 1, consider disabling the ApiThread function in the firewall service as a temporary workaround until a patch is available. For Trend Micro Internet Security versions 2007 and 2008 17.0.1224, restrict access to the firewall service to minimize the risk of exploitation.