RSS   Vulnerabilities for
'Pc-cillin internet security 2007'
   RSS

2007-10-30
 
CVE-2007-4277

CWE-264
 

 
The Trend Micro AntiVirus scan engine before 8.550-1001, as used in Trend Micro PC-Cillin Internet Security 2007, and Tmxpflt.sys 8.320.1004 and 8.500.0.1002, has weak permissions (Everyone:Write) for the \\.\Tmfilter device, which allows local users to send arbitrary content to the device via the IOCTL functionality. NOTE: this can be leveraged for privilege escalation by exploiting a buffer overflow in the handler for IOCTL 0xa0284403.

 
2007-08-22
 
CVE-2007-3873

 

 
Stack-based buffer overflow in vstlib32.dll 1.2.0.1012 in the SSAPI Engine 5.0.0.1066 through 5.2.0.1012 in Trend Micro AntiSpyware 3.5 and PC-Cillin Internet Security 2007 15.0 through 15.3, when the Venus Spy Trap (VST) feature is enabled, allows local users to cause a denial of service (service crash) or execute arbitrary code via a file with a long pathname, which triggers the overflow during a ReadDirectoryChangesW callback notification.

 

 >>> Vendor: Trend micro 67 Products
Interscan viruswall
Pc-cillin
Officescan
Virus buster 2001
Scanmail exchange
Interscan webmanager
Virus control system
Interscan emanager
Interscan applettrap
Virus buster
Interscan viruswall for windows nt
Damage cleanup server
Housecall
Scanmail
Scanmail domino
Control manager
Client-server-messaging suite smb
Client-server suite smb
Interscan messaging security suite
Interscan web security suite
Interscan webprotect
Portalprotect
Scanmail emanager
Serverprotect
Serverprotect earthagent
Antispyware
Pc-cillin 2005
Pc-cillin 2006
Scan engine
Officescan corporate edition
Pc cillin - internet security 2006
Client-server-messaging security
Viruswall
Interscan viruswall scan engine
Pc-cillin internet security
Scanning engine
Web security suite
Webprotect
Damage cleanup services
Tmcomm.sys
Trend micro antirootkit common module
Trend micro antispyware
Trend micro antivirus
Vsapini.sys
Pc-cillin internet security 2007
Trend micro antivirus plus antispyware
Trend micro internet security virus bust
Trend micro internet security pro
Client server messaging suite
Worry free business security
Internet security 2007
Internet security 2008
Interscan web security virtual appliance
Mobile security
Interscan messaging security virtual appliance
Deep discovery inspector
Password manager
Email encryption gateway
Business security
Business security services
Office scan
Virtual mobile infrastructure
Smart protection server
Endpoint sensor
Deep security
Security
Worry-free business security


Copyright 2024, cxsecurity.com

 

Back to Top