Denial of Service Vulnerability in Trend Micro Products
CVE-2006-6458

Currently unrated

Key Information:

Vendor
CVE Published:
11 December 2006

Summary

A denial of service vulnerability exists in the Trend Micro scan engine used in multiple products, including PC Cillin - Internet Security, OfficeScan, and Server Protect. An attacker can exploit this vulnerability by sending a malformed RAR archive containing an Archive Header section with zeroed head_size and pack_size fields, leading to excessive CPU consumption and potential system hangs due to an infinite loop condition. Organizations using vulnerable versions should implement necessary security patches to mitigate the risk.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.