CyberSec.Space Logo
Back to CVE Browser

CVE-2008-3364

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.1020%
EPSS Percentile37.58th
PublishedJul 30, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Buffer overflow in the ObjRemoveCtrl Class ActiveX control in OfficeScanRemoveCtrl.dll 7.3.0.1020 in Trend Micro OfficeScan Corp Edition (OSCE) Web-Deployment 7.0, 7.3 build 1343 Patch 4 and other builds, and 8.0; Client Server Messaging Security (CSM) 3.5 and 3.6; and Worry-Free Business Security (WFBS) 5.0 allows remote attackers to execute arbitrary code via a long string in the Server property, and possibly other properties. NOTE: some of these details are obtained from third party information.

Affected Platforms (CPE)

πŸ“¦
Trend Micro

Officescan

= 7.3

References & Advisories

πŸ”— http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1037899&id=EN-1037899
πŸ”— http://secunia.com/advisories/31277
πŸ”— http://secunia.com/advisories/31440
πŸ”— http://securityreason.com/securityalert/4061
πŸ”— http://www.securityfocus.com/bid/30407
πŸ”— http://www.securitytracker.com/id?1020569
πŸ”— http://www.vupen.com/english/advisories/2008/2220/references
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/44042

Related Vulnerabilities

CVE-2007-345410.0

Stack-based buffer overflow in CGIOCommon.dll before 8.0.0.1042 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote atta...

CVE-2007-345510.0

cgiChkMasterPwd.exe before 8.0.0.142 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote attackers to bypass the passwor...

CVE-2006-138110.0

Trend Micro OfficeScan 5.5, and probably other versions before 6.5, uses insecure DACLs for critical files, which allows local use...

CVE-2008-243710.0

Stack-based buffer overflow in cgiRecvFile.exe in Trend Micro OfficeScan 7.3 patch 4 build 1362 and other builds, OfficeScan 8.0 a...