← back
CVE-2008-1365

CVE-2008-1365

EPSS 51.1%
Stack-based buffer overflow in Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and earlier, and 7.3 Patch 3 build 1314 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long encrypted password, which triggers the overflow in (1) cgiChkMasterPwd.exe, (2) policyserver.exe as reachable through cgiABLogon.exe, and other vectors.
Affected products
n/a · n/a
public PoCs found2
exploitdbwww.exploit-db.com/exploits/31310unverifiedexploitdbwww.exploit-db.com/exploits/16768unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://aluigi.altervista.org/adv/officescaz-adv.txthttp://secunia.com/advisories/29124http://www.securityfocus.com/bid/28020http://www.securitytracker.com/id?1019523http://www.vupen.com/english/advisories/2008/0702