Stack-Based Buffer Overflow in Trend Micro AntiSpyware and PC-Cillin Internet Security
CVE-2007-3873

Currently unrated

Key Information:

Vendor: Trend Micro
Status: Pc-cillin Internet Security 2007; Antispyware
Vendor: CVE Published:; 22 August 2007

Summary

This vulnerability resides in the vstlib32.dll component of Trend Micro AntiSpyware and PC-Cillin Internet Security, specifically affecting versions from 3.5 and 15.0 to 15.3 respectively, when the Venus Spy Trap feature is activated. A stack-based buffer overflow occurs due to handling overly long pathname arguments during the ReadDirectoryChangesW callback. This could allow local users to disrupt service operations or potentially execute arbitrary code, compromising system integrity and availability.

References

http://esupport.trendmicro.com/support/consumer/search.do...

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/36144

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/25388

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Aug 22, 2007
Vulnerability Reserved
Jul 18, 2007