Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (Security)  >   Trend Micro OfficeScan Vendors:   Trend Micro
Trend Micro OfficeScan Corporate Edition Format String Flaw in 'ATXCONSOLE.OCX' Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1016963
SecurityTracker URL:
CVE Reference:   CVE-2006-5157   (Links to External Site)
Updated:  Jun 3 2008
Original Entry Date:  Oct 2 2006
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 7.3
Description:   A vulnerability was reported in Trend Micro OfficeScan Corporate Edition. A remote user can execute arbitrary code on the target system.

A remote user can provide specially crafted data to the OfficeScan Management console ActiveX control ('ATXCONSOLE.OCX') to trigger a format string flaw and execute arbitrary code on the target system.

The vendor was notified on June 27, 2006.

Deral Heiland of Layered Defense Research discovered this vulnerability.

Impact:   A remote user can execute arbitrary code on the target system.
Solution:   The vendor has issued a fixed version (7.3 Patch 1), available at:

Vendor URL: (Links to External Site)
Cause:   Boundary error
Underlying OS:  Windows (Any)

Message History:   None.

 Source Message Contents

Subject:  [Full-disclosure] Layered Defense Advisory: TrendMicro OfficesScan

Layered Defense Research Advisory 1 October 2006
1) Affected Software
TrendMicro OfficeScan Corporate Edition 7.3
2) Severity
Rating: Medium risk
Impact: Execution of arbitrary code, potential remote exploit, and 
denial of service.
3) Description of Vulnerability
A format string vulnerability was discovered within Trendmicro 
OfficeScan Corporate Edition 7.3. The vulnerability is due to 
improper processing of format strings within OfficeScan Management 
consoles ActiveX Control "ATXCONSOLE.OCX". Specially crafted format 
string passed back to the Management consoles Remote Client Install 
name search would allow access to the process stack. If successfully 
exploited, this could allow the user to execute code of the attackers 
choice on the system running the ActiveX management Console.
4) Solution
The solutions to fix this vulnerability is addressed by OfficeScan 
Corporate Edition 7.3 Patch 1
5) Time Table
06/27/2006 -- Reported Vulnerability to Vendor.
06/30/2006 -- Vendor supplied hot fix to Layered Defense for testing.
09/21/2006 -- Vendor releases fix in Patch 1 to public.
6) Credits
Discovered by Deral Heiland,
7) About Layered Defense Research
Layered Defense Research, Is a group of security professionals that 
work together on ethical Research, Testing and Training within the 
information security arena.

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -


Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, LLC