exploits , vulnerabilities , articles , Trend Micro OfficeScan Buffer Overflow Vulnerability and Denial of Service Vulnerability

Title	Trend Micro OfficeScan Buffer Overflow Vulnerability and Denial of Service Vulnerability
Published	2008-02-27-12:00AM
Updated	2008-03-18-10:30PM
Class	Boundary Condition Error
CVE	CVE-2008-1365
Remote	Yes
Local	No
Credit	Luigi Auriemma is credited with discovering these vulnerabilities.
Vulnerable	Trend Micro OfficeScan Corporate Edition 7.0 Trend Micro OfficeScan Corporate Edition 6.5 Trend Micro OfficeScan Corporate Edition 5.58 Trend Micro OfficeScan Corporate Edition 5.5 Trend Micro OfficeScan Corporate Edition 5.0 2 Trend Micro OfficeScan Corporate Edition 3.54 Microsoft Windows 2000 Professional SP2 Microsoft Windows 2000 Professional SP1 Microsoft Windows 2000 Professional Microsoft Windows 95 Microsoft Windows 98 Microsoft Windows 98SE Microsoft Windows ME Microsoft Windows NT 4.0 SP6a Microsoft Windows NT 4.0 SP5 Microsoft Windows NT 4.0 SP4 Microsoft Windows NT 4.0 SP3 Novell Netware 5.1 Novell Netware 5.0 Novell Netware 4.11 Novell Netware 4.1 Novell Netware 3.1.2 Trend Micro OfficeScan Corporate Edition 3.13 Microsoft Windows 3.1 Microsoft Windows 2000 Professional Microsoft Windows 95 Microsoft Windows 98 Microsoft Windows NT 4.0 Novell Netware 4.11 Novell Netware 4.1 Trend Micro OfficeScan Corporate Edition 3.11 Microsoft Windows 3.1 Microsoft Windows 2000 Professional Microsoft Windows 95 Microsoft Windows 98 Microsoft Windows NT 4.0 Novell Netware 4.11 Novell Netware 4.1 Trend Micro OfficeScan Corporate Edition 3.5 Microsoft Windows 3.1 Microsoft Windows 2000 Professional Microsoft Windows 95 Microsoft Windows 98 Microsoft Windows NT 4.0 Novell Netware 4.11 Novell Netware 4.1 Trend Micro OfficeScan Corporate Edition 3.0 Microsoft Windows 3.1 Microsoft Windows 2000 Professional Microsoft Windows 95 Microsoft Windows 98 Microsoft Windows NT 4.0 Novell Netware 4.11 Novell Netware 4.1 Trend Micro OfficeScan Corporate Edition 8.0.patch build 1042 Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 Build 11 Trend Micro OfficeScan Corporate Edition 8.0 Trend Micro OfficeScan Corporate Edition 7.3 Build 1314 Trend Micro OfficeScan Corporate Edition 7.3 Trend Micro OfficeScan Corporate Edition 7.3 Trend Micro OfficeScan Corporate Edition 7.0 Trend Micro OfficeScan Corporate Edition 6.5 Trend Micro OfficeScan Corporate Edition 6.0
Not Vulnerable
Code	Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.The following proof-of-concept HTTP requests and password examples are available: /data/vulnerabilities/exploits/officescaz.zip
TXT

Vulnerabilities - newest 10 RSS | More

2008-11-22 KVIrc URI Handler Remote Command Execution Vulnerability
2008-11-22 NVIDIA Cg Toolkit Installer Insecure Temporary File Creation Vulnerability
2008-11-22 TkUsr Insecure Temporary File Creation Vulnerability
2008-11-21 TAU Tuning and Analysis Utilities Insecure Temporary File Creation Vulnerabilities
2008-11-21 Maildirsync Insecure Temporary File Creation Vulnerability
2008-11-21 TkMan Insecure Temporary File Creation Vulnerability
2008-11-21 Apple iPhone Configuration Web Utility for Windows Directory Traversal Vulnerability
2008-11-21 Cisco IOS and CatOS VLAN Trunking Protocol Packet Handling Denial Of Service Vulnerability
2008-11-21 vBulletin Visitor Messages Addon Comment Notification HTML Injection Vulnerability
2008-11-21 Apple Mac OS X CoreGraphics Multiple Memory Corruption Vulnerabilities