Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-1435 — Officescan vulnerability

CWE-3994 documents4 sources

Severity

2.1LOWNVD

EPSS

0.4%

top 41.53%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Trendmicro Officescan

Timeline

PublishedApr 27

Latest updateMay 2

Description

NTRtScan.exe in Trend Micro OfficeScan Client 8.0 SP1 and 8.0 SP1 Patch 1 allows local users to cause a denial of service (application crash) via directories with long pathnames. NOTE: some of these details are obtained from third party information.

CVSS vector

AV:L/AC:L/C:N/I:N/A:PExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

▶NVDtrendmicro/officescan8.0

🔴Vulnerability Details

GHSA

GHSA-2mxv-g6h6-532m: NTRtScan↗2022-05-02

▶

CVEList

CVE-2009-1435: NTRtScan↗2009-04-27

▶

💥Exploits & PoCs

Exploit-DB

Trend Micro OfficeScan 8.0 Client - Denial of Service↗2009-04-21

▶