CERT-In Vulnerability Note CIVN-2010-23
Trend Micro OfficeScan URL Filtering Engine Buffer Overflow Vulnerability

Original Issue Date: February 12, 2010

Severity Rating: Medium

System Affected

  • Trend Micro OfficeScan versions 10.x
  • Trend Micro OfficeScan versions 8.x

Overview

A vulnerability has been reported in Trend Micro OfficeScan that could be exploited by a remote attacker to execute arbitrary code or cause a Denial of Service (DoS) condition.

Description

This vulnerability is caused by improper boundary checking on user-supplied data when it is copied into an insufficiently sized memory buffer in the Trend Micro URL filtering engine (TMUFE) in Trend Micro OfficeScan. A remote attacker could exploit this vulnerability via a specially crafted URL to trigger a buffer overflow error.

Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code within the context of the affected application or cause a Denial of Service (DoS) condition.
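
The boundary check whose absence is described above, shown as an added example (this is not Trend Micro's code, and TMUFE's internals are not published in this note). The function name, status codes and the 64-byte buffer size are assumptions made for illustration; the example also decodes %XX escapes, a step the note does not mention, to show the check applied to every write.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define URL_BUF_SIZE 64  /* assumed for illustration; not a value from the advisory */
enum url_status { URL_OK = 0, URL_BAD_ARG, URL_INVALID, URL_TOO_LONG };

/* Value of one hex digit, or -1 if c is not a hex digit. */
static int hex_val(char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    c |= 0x20;  /* fold A-F to a-f */
    return (c >= 'a' && c <= 'f') ? c - 'a' + 10 : -1;
}

/* Copy src_len bytes of URL into dst (capacity dst_size), decoding %XX escapes.
 * Capacity is checked before every write, and an oversized URL is rejected
 * instead of truncated, so the caller never acts on a shortened URL. */
enum url_status url_copy_decoded(char *dst, size_t dst_size,
                                 const char *src, size_t src_len)
{
    size_t in = 0, out = 0;
    enum url_status st = URL_OK;

    if (dst == NULL || src == NULL || dst_size == 0)
        return URL_BAD_ARG;
    while (in < src_len) {
        char c = src[in++];
        if (c == '%') {  /* escape needs two hex digits after it */
            if (src_len - in < 2) { st = URL_INVALID; break; }
            int hi = hex_val(src[in]), lo = hex_val(src[in + 1]);
            if (hi < 0 || lo < 0) { st = URL_INVALID; break; }
            c = (char)(hi * 16 + lo);
            in += 2;
        }
        if (c == '\0') { st = URL_INVALID; break; }             /* raw or decoded NUL */
        if (out + 1 >= dst_size) { st = URL_TOO_LONG; break; }  /* keep room for NUL */
        dst[out++] = c;
    }
    dst[st == URL_OK ? out : 0] = '\0';  /* on failure leave an empty string */
    return st;
}

int main(void)
{
    char buf[URL_BUF_SIZE];
    const char *u = "http://example.test/a%20b";  /* constructed sample URL */
    printf("%d %s\n", url_copy_decoded(buf, sizeof buf, u, strlen(u)), buf);
}
```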

Solutions

Apply appropriate patches.

Trend Micro OfficeScan 8.0 SP1 Patch 5:
http://www.trendmicro.com/ftp/products/patches/OSCE_80_Win_SP1_Patch5_en.exe

Trend Micro OfficeScan 10.0:

Apply Critical Patch:
http://www.trendmicro.com/ftp/product...E_10.0_Win_EN_CriticalPatch_B1224.exe

Vendor Information

Trend Micro
http://www.trendmicro.com/ftp/documentation/readme/OSCE80_Win_SP1_Patch_5_en_readme.txt

http://www.trendmicro.com/ftp/documentation/readme/readme_1224.txt

References

Trend Micro
http://www.trendmicro.com/ftp/documentation/readme/OSCE80_Win_SP1_Patch_5_en_readme.txt

http://www.trendmicro.com/ftp/documentation/readme/readme_1224.txt

Secunia
http://secunia.com/advisories/38396/

SecurityFocus
http://www.securityfocus.com/bid/38083

SecurityTracker
http://securitytracker.com/alerts/2010/Feb/1023553.html

ISS X-Force
http://xforce.iss.net/xforce/xfdb/56097

VUPEN
http://www.vupen.com/english/advisories/2010/0295

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003