CVE-2007-0325

Trend Micro OfficeScan and Client/Server/Messaging Security - Remote Code Execution via Crafted HTML Document

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2007-0325. PoCs were published by Metasploit and MC, including the Metasploit module exploits/windows/browser/trendmicro_officescan.

AI-analyzed exploit summary: This exploit targets a stack buffer overflow in Trend Micro OfficeScan Corporate Edition 7.3 via the CgiOnUpdate() method in OfficeScanSetupINI.dll. It delivers a payload through a malicious HTML page with an embedded ActiveX control.

Description

Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 before Build 1197, allow remote attackers to execute arbitrary code via a crafted HTML document.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/16535

This exploit targets a stack buffer overflow in Trend Micro OfficeScan Corporate Edition 7.3 via the CgiOnUpdate() method in OfficeScanSetupINI.dll. It delivers a payload through a malicious HTML page with an embedded ActiveX control.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Trend Micro OfficeScan Corporate Edition 7.3
No auth needed
Prerequisites: Victim must visit a malicious web page · ActiveX controls must be enabled in the browser
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC NORMAL
by MC · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/trendmicro_officescan.rb

This Metasploit module exploits a stack buffer overflow in Trend Micro OfficeScan Corporate Edition 7.3 via an overly long string passed to the CgiOnUpdate() method in OfficeScanSetupINI.dll. It delivers a payload through a malicious HTML page with an embedded ActiveX control.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Trend Micro OfficeScan Corporate Edition 7.3
No auth needed
Prerequisites: Victim must visit a malicious web page or open a malicious HTML file · ActiveX controls must be enabled in the victim's browser
devstral-2 · analyzed Feb 19, 2026

References (8)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/33040
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/784369
Vendor Advisory vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1017664
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24193
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/22585
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0638

Scores

EPSS 0.3401
EPSS Percentile 98.2%

Details

CWE: CWE-119
Status: published
Products (3)
trend_micro/client-server-messaging_security 3.0
trend_micro/officescan_corporate_edition 7.0
trend_micro/officescan_corporate_edition 7.3
Published Feb 20, 2007
Tracked Since Feb 18, 2026