Buffer Overflow in Trend Micro Scan Engine Affects Multiple Products
CVE-2007-0851

Currently unrated

Key Information:

Vendor: Trend Micro
Status: Interscan Emanager; Scanmail; Pc Cillin - Internet Security 2006; Interscan Viruswall
Vendor: CVE Published:; 8 February 2007

Summary

A buffer overflow vulnerability exists in Trend Micro Scan Engine versions 8.000 and 8.300 prior to virus pattern file 4.245.00. This flaw can be exploited by remote attackers through the use of a specially crafted UPX compressed executable, leading to the execution of arbitrary code on the affected system. Mitigating this vulnerability is critical to maintaining the integrity and security of Trend Micro's antivirus solutions.

References

http://securitytracker.com/id?1017601

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/22449

vdb-entryx_refsource_BID

http://esupport.trendmicro.com/support/viewxml.do?Content...

x_refsource_CONFIRM

EPSS Score

34% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 8, 2007
Vulnerability Reserved
Feb 8, 2007