Trend.Micro.OfficeScan.Atxconsole.ActiveX.Control.Format.String
Description
This indicates a possible exploit of a format string vulnerability in TrendMicro OfficeScan Corporate Edition (OSCE).
This flaw is due to a format string error in the "ATXCONSOLE.OCX" ActiveX control when handling a specially crafted parameter passed to the Management Console's Remote Client Install name search.
Affected Products
Trend Micro OfficeScan Corporate Edition version 7.3 and prior.
Impact
The execution of arbitrary code on the system.
Recommended Actions
Upgrade to Trend Micro OfficeScan Corporate Edition 7.3 Patch 1 :
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2023-08-01 | 25.612 | Name:TrendMicro. OfficeScan. Atxconsole. ActiveX. Control. Format. String:Trend. Micro. OfficeScan. Atxconsole. ActiveX. Control. Format. String |