Vulnerability CVE-2007-0851
Published: 2007-02-08   Modified: 2012-02-12

Description:
Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable.

CVSS2 => (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
9.3/10
10/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Trend micro -> Portalprotect 
Trend micro -> Client-server-messaging suite smb 
Trend micro -> Scanmail 
Trend micro -> Client-server suite smb 
Trend micro -> Scanmail emanager 
Trend micro -> Control manager 
Trend micro -> Scanning engine 
Trend micro -> Interscan emanager 
Trend micro -> Serverprotect 
Trend micro -> Interscan messaging security suite 
Trend micro -> Viruswall 
Trend micro -> Interscan viruswall 
Trend micro -> Web security suite 
Trend micro -> Interscan viruswall for windows nt 
Trend micro -> Webprotect 
Trend micro -> Interscan viruswall scan engine 
Trend micro -> Interscan web security suite 
Trend micro -> Interscan webmanager 
Trend micro -> Interscan webprotect 
Trend micro -> Officescan 
Trend micro -> Pc-cillin 
Trend micro -> Pc-cillin internet security 
Trend micro -> Pc cillin - internet security 2006 

 References:
http://www.kb.cert.org/vuls/id/276432
http://www.securityfocus.com/bid/22449
http://securitytracker.com/id?1017601
http://secunia.com/advisories/24087
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470
http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289
http://xforce.iss.net/xforce/xfdb/32352
http://www.vupen.com/english/advisories/2007/0569
http://www.vupen.com/english/advisories/2007/0522
http://www.jpcert.or.jp/at/2007/at070004.txt
http://securitytracker.com/id?1017603
http://securitytracker.com/id?1017602
http://secunia.com/advisories/24128
http://osvdb.org/33038
http://jvn.jp/jp/JVN%2377366274/index.html
Copyright 2024, cxsecurity.com

 

Back to Top