VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Sep 16, 2008· Updated Apr 23, 2026

CVE-2008-2437

CVE-2008-2437

Description

Stack-based buffer overflow in cgiRecvFile.exe in Trend Micro OfficeScan 7.3 patch 4 build 1362 and other builds, OfficeScan 8.0 and 8.0 SP1, and Client Server Messaging Security 3.6 allows remote attackers to execute arbitrary code via an HTTP request containing a long ComputerName parameter.

Affected products

9
  • Trend Micro/Client Server Messaging Security4 versions
    cpe:2.3:a:trend_micro:client-server-messaging_security:2.0:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:trend_micro:client-server-messaging_security:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:trend_micro:client-server-messaging_security:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:trend_micro:client-server-messaging_security:3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:trend_micro:client-server-messaging_security:3.6:*:*:*:*:*:*:*
  • Trend Micro/Officescan5 versions
    cpe:2.3:a:trend_micro:officescan:7.0:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:trend_micro:officescan:7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:trend_micro:officescan:7.3:*:*:*:*:*:*:*
    • cpe:2.3:a:trend_micro:officescan:7.3:patch_4:*:*:*:*:*:*
    • cpe:2.3:a:trend_micro:officescan:8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:trend_micro:officescan:8.0:sp1:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

13

News mentions

0

No linked articles in our index yet.