VUPEN Security - Trend Micro Antivirus Products UPX File Parsing Kernel Buffer Overflow Vulnerability / Exploit (Security Advisories)

	Contact \| Site en Français

Vulnerabilities & Threats

VUPEN Security Advisories

Linux Security Advisories

Malware Advisories

Security Research

Threat Watch Blog

Zero-Day Monitor

Search Engine

Mailing List & RSS

>> Trend Micro Antivirus Products UPX File Parsing Kernel Buffer Overflow Vulnerability

Title : Trend Micro Antivirus Products UPX File Parsing Kernel Buffer Overflow Vulnerability
VUPEN ID : VUPEN/ADV-2007-0522
CVE ID : CVE-2007-0851
Rated as : Critical

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-02-08

Technical Description

Receive VUPEN Security alerts in a Text format

Receive VUPEN Security alerts in a PDF format

Receive VUPEN Security alerts in an XML format

A vulnerability has been identified in various Trend Micro products, which could be exploited by attackers or malware to take complete control of an affected system. This issue is due to a buffer overflow error when processing malformed UPX compressed files, which could be exploited by attackers to execute arbitrary commands e.g. by sending an email containing a malicious file to a system being protected by a vulnerable application.

Affected Products

Trend Micro Client Server Messaging Security for SMB
Trend Micro Client Server Security for SMB
Trend Micro Control Manager
Trend Micro InterScan eManager
Trend Micro InterScan Messaging Security Suite
Trend Micro InterScan VirusWall
Trend Micro InterScan VirusWall for SMB
Trend Micro InterScan Web Security Suite
Trend Micro InterScan WebManager
Trend Micro InterScan WebProtect for ISA
Trend Micro OfficeScan
Trend Micro PortalProtect for Sharepoint
Trend Micro ScanMail eManager
Trend Micro ScanMail for Lotus Domino
Trend Micro ScanMail for Microsoft Exchange
Trend Micro ServerProtect for Linux
Trend Micro ServerProtect for Microsoft Windows/Novell NetWare
Trend Micro PC-cillin Internet Security 2005
Trend Micro PC-cillin Internet Security 2006
Trend Micro PC-cillin Internet Security 2007

Solution

Upgrade to Virus Pattern version 4.245.00 :
http://www.trendmicro.com/download/pattern.asp

References

http://www.vupen.com/english/advisories/2007/0522
http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470

Credits

Vulnerability reported by iDefense Labs

ChangeLog

2007-02-08 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.

Vulnerability Alerting

Free 14-Day Trial

Latest News

>> 2009-07-06

Microsoft Windows 0-Day
Flaw Exploited in the Wild

>> 2009-06-10

VUPEN Security Research
Discovered Critical Flaws
in Adobe Acrobat and MS
Office Word

>> 2009-06-02

VUPEN Security Research
Discovered Critical Flaws
in ACDSee Products

>> 2009-05-22

VUPEN Discovered Two
Critical Vulnerabilities in
Novell GroupWise 8 / 7

More Informations