PT-2010-2321 · Trend Micro · Trend Micro Url Filtering Engine+2
Published
2010-02-09
·
Updated
2017-08-17
·
CVE-2010-0564
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
Trend Micro OfficeScan versions 8.0 through 8.0 before SP1 Patch 5 - Build 3510
Trend Micro OfficeScan version 10.0 with tmufeng.dll before 2.0.0.1049
Trend Micro OfficeScan with tmufeng.dll before 3.0.0.1029
Description
The issue is a buffer overflow in the Trend Micro URL Filtering Engine (TMUFE) that allows attackers to cause a denial of service, resulting in a crash or hang of OfficeScan, via unspecified vectors.
Recommendations
For Trend Micro OfficeScan versions 8.0 through 8.0 before SP1 Patch 5 - Build 3510, update to SP1 Patch 5 - Build 3510 or later.
For Trend Micro OfficeScan version 10.0 with tmufeng.dll before 2.0.0.1049, update tmufeng.dll to version 2.0.0.1049 or later.
For Trend Micro OfficeScan with tmufeng.dll before 3.0.0.1029, update tmufeng.dll to version 3.0.0.1029 or later.
Fix
DoS
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Officescan
Trend Micro Officescan Server
Trend Micro Url Filtering Engine