CVE-CVE-2008-2437 | UNKNOWN Severity | CVEDatabase.com

Description

Stack-based buffer overflow in cgiRecvFile.exe in Trend Micro OfficeScan 7.3 patch 4 build 1362 and other builds, OfficeScan 8.0 and 8.0 SP1, and Client Server Messaging Security 3.6 allows remote attackers to execute arbitrary code via an HTTP request containing a long ComputerName parameter.

CVSS Metrics

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Access Vector: network
Access Cmplx: low
Auth: none
Confidentiality: complete
Integrity: complete
Availability: complete
Weaknesses: CWE-119

Metadata

Primary Vendor: TREND_MICRO
Published: 9/16/2008
Last Modified: 4/9/2025
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

trend_micro : client-server-messaging_securitytrend_micro : client-server-messaging_securitytrend_micro : client-server-messaging_securitytrend_micro : client-server-messaging_securitytrend_micro : officescantrend_micro : officescantrend_micro : officescantrend_micro : officescantrend_micro : officescan

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD