Web-delivered products at risk of allowing remote access.
A set of vulnerabilities have been reported in
Trend Micro
‘s
Officescan
product, which have been flagged with the ‘Highly Critical’ rating by vulnerability watchers at
Secunia
as exploitation could allow execution of code from remote sources.
The vulnerabilities, buffer overflows in ActiveX objects used by the web deployment system, should only affect systems where clients have been set up using web deployment, and have only been shown to work under version 7.3 of the
OfficeScan
product.
No patch is yet available from
Trend
, but details of workarounds are as usual included in the
Secunia
bulletin
here
.
Posted on 01 August 2008 by
Virus Bulletin
Leave a Reply