CVE-2007-3454Improper Restriction of Operations within the Bounds of a Memory Buffer in Micro Officescan

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
10.0CRITICALNVD
EPSS
20.4%
top 4.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Trend Micro Officescan
Timeline
PublishedJun 27
Latest updateMay 1

Description

Stack-based buffer overflow in CGIOCommon.dll before 8.0.0.1042 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote attackers to execute arbitrary code via long crafted requests, as demonstrated using a long session cookie to unspecified CGI programs that use this library.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDtrend_micro/officescan7.3, 8.0+1

Patches

Patch: secunia.comPatch: secunia.com

🔴Vulnerability Details

2
GHSA
GHSA-g79c-8pc3-xg93: Stack-based buffer overflow in CGIOCommon2022-05-01
CVEList
CVE-2007-3454: Stack-based buffer overflow in CGIOCommon2007-06-27
CVE-2007-3454 — Trend Micro Officescan vulnerability | cvebase