CVE-2008-3862 Information
Description
Stack-based buffer overflow in CGI programs in the server in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1374 and 8.0 SP1 Patch 1 before build 3110 allows remote attackers to execute arbitrary code via an HTTP POST request containing crafted form data related to \parsing CGI requests.\
Reference
http://secunia.com/advisories/32005 http://secunia.com/secunia_research/2008-40/ http://securityreason.com/securityalert/4489 http://www.securityfocus.com/archive/1/497650/100/0/threaded http://www.securityfocus.com/bid/31859 http://www.securitytracker.com/id?1021093 http://www.trendmicro.com/ftp/documentation/readme/OSCE_7.3_CriticalPatch_B1374_readme.txt http://www.trendmicro.com/ftp/documentation/readme/OSCE_8.0_sp1p1_CriticalPatch_B3110_readme.txt http://www.vupen.com/english/advisories/2008/2892
Share on: