Trend Officescan – Proof of concept

In April a Trend vulnerability was discovered.  The Trend real time scan service can be exploited by running a scan on a long directory name.  It’s surprising that this vulnerability was discovered and yet is still exploitable in the latest release of Trend — which I’ve confirmed today.  What’s neat is someone who only has user level privilege on a machine would be able to halt the Trend service and then potentially run some nasty code.

Here’s a VB project that will generate a long directory name and then attempt to run the scan: Trend POC (I’ve also compiled the source for those who don’t have VB — rename the .exe_ to .exe)

I’m running AVG Free on my Windows machine and happy with that.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s