CVE-2010-0564Improper Restriction of Operations within the Bounds of a Memory Buffer in Officescan

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
1.3%
top 20.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Trendmicro Officescan
Timeline
PublishedFeb 10
Latest updateMay 2

Description

Buffer overflow in Trend Micro URL Filtering Engine (TMUFE) in OfficeScan 8.0 before SP1 Patch 5 - Build 3510, possibly tmufeng.dll before 3.0.0.1029, allows attackers to cause a denial of service (crash or OfficeScan hang) via unspecified vectors. NOTE: it is likely that this issue also affects tmufeng.dll before 2.0.0.1049 for OfficeScan 10.0.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

Patches

Patch: www.vupen.comPatch: www.vupen.com

🔴Vulnerability Details

2
GHSA
GHSA-8frw-h99g-7h23: Buffer overflow in Trend Micro URL Filtering Engine (TMUFE) in OfficeScan 82022-05-02
CVEList
CVE-2010-0564: Buffer overflow in Trend Micro URL Filtering Engine (TMUFE) in OfficeScan 82010-02-10

💥Exploits & PoCs

2
Exploit-DB
Microsoft HTML Help Workshop 4.74 - '.hhp' compiled Buffer Overflow (Metasploit) (4)2010-09-25
Exploit-DB
Microsoft HTML Help Workshop 4.74 - '.hhp' Cotent Buffer Overflow (Metasploit) (2)2010-09-25
CVE-2010-0564 — Trendmicro Officescan vulnerability | cvebase