CVE-2017-14089

CRITICAL

Trend Micro OfficeScan <11.0 - Memory Corruption

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-14089. PoCs published by hyp3rlinx.

AI-analyzed exploit summary: This exploit demonstrates a remote memory corruption vulnerability in TrendMicro OfficeScan XG by sending a maliciously crafted cookie to the cgiShowClientAdm.exe endpoint. The payload consists of an overly long 'LogonUser' cookie value, which triggers the memory corruption.

Description

An Unauthorized Memory Corruption vulnerability in Trend Micro OfficeScan 11.0 and XG may allow remote unauthenticated users who can access the OfficeScan server to target cgiShowClientAdm.exe and cause memory corruption issues.

Exploits (1)

exploitdb WORKING POC
by hyp3rlinx · python · dos · windows
https://www.exploit-db.com/exploits/42920

Classification: Working PoC 90%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: TrendMicro OfficeScan v11.0 and XG (12.0)
No auth needed
Prerequisites: Network access to the target's OfficeScan server on port 4343
devstral-2 · analyzed Feb 16, 2026

References (8)

Core References
Patch, Vendor Advisory x_refsource_confirm
https://success.trendmicro.com/solution/1118372
Mailing List, Third Party Advisory, VDB Entry mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2017/Sep/91
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/42920/
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/541271/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1039500
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/101076

Scores

CVSS v3 9.8
EPSS 0.0978
EPSS Percentile 94.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE CWE-119
Status published
Products (3)
Trend Micro/Trend Micro OfficeScan 11.0, XG (12.0)
trendmicro/officescan 11.0 sp1
trendmicro/officescan 12.0
Published Oct 06, 2017
Tracked Since Feb 18, 2026