Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

PHP library version 3.5.3 vulnerability in OfficeScan 10.6

    • Updated:
    • 2 Sep 2015
    • Product/Version:
    • OfficeScan 10.6
    • Platform:
    • Windows 2003 Enterprise
    • Windows 2008 Enterprise
Summary

The PHP library included to OfficeScan (OSCE) 10.6 is version 3.5.3 and is vulnerable to the following security issues reported in 2011:

This security issue is the latest one that requires an update to 5.3.16: http://secunia.com/advisories/47806/.

Details
Public

To resolve the issue, update the PHP version to 5.3.16. Choose the option below that applies:

  1. Install IIS and make sure the cgi has been selected.
  2. Download and install PHP 5.3.16.
     
    Download PHP 5.3.16 Non Thread Safe package (44.61 MB) with sha1: 74e4e6ed83b6b14c3c7af6b10281885d77196e75.
  3. Install OSCE 10.6.
  1. Install PHP 5.3.28. IIS needs to use the version php-5.3.28-nts-Win32-VC9-x86.
  2. On the Web Server Setup window, select IISFastCGI and then click Next.

    Web Server Setup

     
  3. Select the following extensions:
    • PHP_GMP
    • PHP_PDO_SQLITE
    • PHP_LDAP
    • PHP_CURL
    • PHP_OPENSSL
    • PHP_MBSTRING(Multi-Byte String)
    • PHP_SOAP

      Select PHP extensions

      Select PHP extensions

      Select PHP extensions

      Select PHP extensions

  4. Go to Fresh Open Source Software Archive and download ext/php_com_dotnet.dll.
  5. Copy php_com_dotnet.dll to C:\Program Files (x86)\PHP\ext.
  6. Modify PHP.ini under C:\Program Files (x86)\PHP by adding the following at the bottom:

    [COM_DOT_NET]
    extension=php_com_dotnet.dll

  7. Restart IIS.
Premium
Internal
Rating:
Category:
Install; Update
Solution Id:
1060433
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.