CVE-2008-2439

Trend Micro OfficeScan and Worry-Free Business Security - Directory Traversal via HTTP Request

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-2439. Includes Metasploit module auxiliary/admin/officescan/tmlisten_traversal.

AI-analyzed exploit summary This Metasploit auxiliary module tests for a directory traversal vulnerability in Trend Micro OfficeScanNT Listener (TmListen.exe) by sending a crafted HTTP request to read arbitrary files. It checks for the presence of 'win.ini' content to determine vulnerability.

Description

Directory traversal vulnerability in the UpdateAgent function in TmListen.exe in the OfficeScanNT Listener service in the client in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1372, OfficeScan 8.0 SP1 before build 1222, OfficeScan 8.0 SP1 Patch 1 before build 3087, and Worry-Free Business Security 5.0 before build 1220 allows remote attackers to read arbitrary files via directory traversal sequences in an HTTP request. NOTE: some of these details are obtained from third party information.

Exploits (1)

metasploit SCANNER
rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/officescan/tmlisten_traversal.rb

This Metasploit auxiliary module tests for a directory traversal vulnerability in Trend Micro OfficeScanNT Listener (TmListen.exe) by sending a crafted HTTP request to read arbitrary files. It checks for the presence of 'win.ini' content to determine vulnerability.

Classification
Scanner 95%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Trend Micro OfficeScanNT Listener (TmListen.exe) service
No auth needed
Prerequisites: Network access to the target service on port 26122
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (13)

Core 13
Core References
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2711
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/31531
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1020975
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32097
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/45597
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/496970/100/0/threaded
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31343
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2712
Vendor Advisory x_refsource_misc
http://secunia.com/secunia_research/2008-39/

Scores

EPSS 0.4462
EPSS Percentile 97.7%

Details

CWE
CWE-22
Status published
Products (3)
trend_micro/officescan 7.3
trend_micro/officescan 8.0 sp1 (2 CPE variants)
trend_micro/worry_free_business_security 5.0
Published Oct 03, 2008
Tracked Since Feb 18, 2026