CVE-2007-3454

Name of the Vulnerable Software and Affected Versions Trend Micro OfficeScan Corporate Edition version 8.0 before 8.0.0.1042

Description The issue is related to a stack-based buffer overflow in the CGIOCommon.dll library, which allows remote attackers to execute arbitrary code via long crafted requests. This can be demonstrated by using a long session cookie to unspecified CGI programs that use this library.

Recommendations For Trend Micro OfficeScan Corporate Edition version 8.0 before 8.0.0.1042, update to version 8.0.0.1042 or later to resolve the issue. As a temporary workaround, consider restricting access to the CGIOCommon.dll library to minimize the risk of exploitation. Avoid using long crafted requests to CGI programs that utilize this library until the issue is resolved.