ID CVE-2007-0851
Summary Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable.
References
Vulnerable Configurations
  • cpe:2.3:a:trend_micro:client-server-messaging_suite_smb:gold:-:windows
    cpe:2.3:a:trend_micro:client-server-messaging_suite_smb:gold:-:windows
  • cpe:2.3:a:trend_micro:client-server_suite_smb:gold:-:windows
    cpe:2.3:a:trend_micro:client-server_suite_smb:gold:-:windows
  • cpe:2.3:a:trend_micro:control_manager:2.5.0
    cpe:2.3:a:trend_micro:control_manager:2.5.0
  • cpe:2.3:a:trend_micro:control_manager:3.5
    cpe:2.3:a:trend_micro:control_manager:3.5
  • cpe:2.3:a:trend_micro:control_manager:gold:-:as_400
    cpe:2.3:a:trend_micro:control_manager:gold:-:as_400
  • cpe:2.3:a:trend_micro:control_manager:gold:-:s_390
    cpe:2.3:a:trend_micro:control_manager:gold:-:s_390
  • cpe:2.3:a:trend_micro:control_manager:gold:-:solaris
    cpe:2.3:a:trend_micro:control_manager:gold:-:solaris
  • cpe:2.3:a:trend_micro:control_manager:gold:-:windows
    cpe:2.3:a:trend_micro:control_manager:gold:-:windows
  • cpe:2.3:a:trend_micro:control_manager:gold:-:windows_nt
    cpe:2.3:a:trend_micro:control_manager:gold:-:windows_nt
  • cpe:2.3:a:trend_micro:control_manager:netware
    cpe:2.3:a:trend_micro:control_manager:netware
  • cpe:2.3:a:trend_micro:interscan_emanager:3.5.2:-:windows
    cpe:2.3:a:trend_micro:interscan_emanager:3.5.2:-:windows
  • cpe:2.3:a:trend_micro:interscan_emanager:3.5:-:hp
    cpe:2.3:a:trend_micro:interscan_emanager:3.5:-:hp
  • cpe:2.3:a:trend_micro:interscan_emanager:3.51
    cpe:2.3:a:trend_micro:interscan_emanager:3.51
  • cpe:2.3:a:trend_micro:interscan_emanager:3.51_j
    cpe:2.3:a:trend_micro:interscan_emanager:3.51_j
  • cpe:2.3:a:trend_micro:interscan_emanager:3.6:-:linux
    cpe:2.3:a:trend_micro:interscan_emanager:3.6:-:linux
  • cpe:2.3:a:trend_micro:interscan_emanager:3.6:-:sun
    cpe:2.3:a:trend_micro:interscan_emanager:3.6:-:sun
  • cpe:2.3:a:trend_micro:interscan_messaging_security_suite:-:linux_5.1.1
    cpe:2.3:a:trend_micro:interscan_messaging_security_suite:-:linux_5.1.1
  • cpe:2.3:a:trend_micro:interscan_messaging_security_suite:3.81
    cpe:2.3:a:trend_micro:interscan_messaging_security_suite:3.81
  • cpe:2.3:a:trend_micro:interscan_messaging_security_suite:5.5
    cpe:2.3:a:trend_micro:interscan_messaging_security_suite:5.5
  • cpe:2.3:a:trend_micro:interscan_messaging_security_suite:5.5_build_1183
    cpe:2.3:a:trend_micro:interscan_messaging_security_suite:5.5_build_1183
  • cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:-:linux
    cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:-:linux
  • cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:-:solaris
    cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:-:solaris
  • cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:-:windows
    cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:-:windows
  • cpe:2.3:a:trend_micro:interscan_viruswall:3.0.1:-:linux
    cpe:2.3:a:trend_micro:interscan_viruswall:3.0.1:-:linux
  • cpe:2.3:a:trend_micro:interscan_viruswall:3.0.1:-:unix
    cpe:2.3:a:trend_micro:interscan_viruswall:3.0.1:-:unix
  • cpe:2.3:a:trend_micro:interscan_viruswall:3.1.0:-:linux
    cpe:2.3:a:trend_micro:interscan_viruswall:3.1.0:-:linux
  • cpe:2.3:a:trend_micro:interscan_viruswall:3.2.3
    cpe:2.3:a:trend_micro:interscan_viruswall:3.2.3
  • cpe:2.3:a:trend_micro:interscan_viruswall:3.3
    cpe:2.3:a:trend_micro:interscan_viruswall:3.3
  • cpe:2.3:a:trend_micro:interscan_viruswall:3.32
    cpe:2.3:a:trend_micro:interscan_viruswall:3.32
  • cpe:2.3:a:trend_micro:interscan_viruswall:3.6
    cpe:2.3:a:trend_micro:interscan_viruswall:3.6
  • cpe:2.3:a:trend_micro:interscan_viruswall:3.6.0_build_1182
    cpe:2.3:a:trend_micro:interscan_viruswall:3.6.0_build_1182
  • cpe:2.3:a:trend_micro:interscan_viruswall:3.6.0_build1166
    cpe:2.3:a:trend_micro:interscan_viruswall:3.6.0_build1166
  • cpe:2.3:a:trend_micro:interscan_viruswall:3.6.5:-:linux
    cpe:2.3:a:trend_micro:interscan_viruswall:3.6.5:-:linux
  • cpe:2.3:a:trend_micro:interscan_viruswall:3.6:-:hp_ux
    cpe:2.3:a:trend_micro:interscan_viruswall:3.6:-:hp_ux
  • cpe:2.3:a:trend_micro:interscan_viruswall:3.6:-:solaris
    cpe:2.3:a:trend_micro:interscan_viruswall:3.6:-:solaris
  • cpe:2.3:a:trend_micro:interscan_viruswall:3.6:-:windows_nt
    cpe:2.3:a:trend_micro:interscan_viruswall:3.6:-:windows_nt
  • cpe:2.3:a:trend_micro:interscan_viruswall:3.7.0
    cpe:2.3:a:trend_micro:interscan_viruswall:3.7.0
  • cpe:2.3:a:trend_micro:interscan_viruswall:3.7.0_build1190
    cpe:2.3:a:trend_micro:interscan_viruswall:3.7.0_build1190
  • cpe:2.3:a:trend_micro:interscan_viruswall:3.8.0_build1130
    cpe:2.3:a:trend_micro:interscan_viruswall:3.8.0_build1130
  • cpe:2.3:a:trend_micro:interscan_viruswall:3.81:-:linux
    cpe:2.3:a:trend_micro:interscan_viruswall:3.81:-:linux
  • cpe:2.3:a:trend_micro:interscan_viruswall:5.1:-:windows_nt
    cpe:2.3:a:trend_micro:interscan_viruswall:5.1:-:windows_nt
  • cpe:2.3:a:trend_micro:interscan_viruswall:gold:-:aix
    cpe:2.3:a:trend_micro:interscan_viruswall:gold:-:aix
  • cpe:2.3:a:trend_micro:interscan_viruswall:gold:-:linux_for_smb
    cpe:2.3:a:trend_micro:interscan_viruswall:gold:-:linux_for_smb
  • cpe:2.3:a:trend_micro:interscan_viruswall:gold:-:smb
    cpe:2.3:a:trend_micro:interscan_viruswall:gold:-:smb
  • cpe:2.3:a:trend_micro:interscan_viruswall:gold:-:windows
    cpe:2.3:a:trend_micro:interscan_viruswall:gold:-:windows
  • cpe:2.3:a:trend_micro:interscan_viruswall:gold:-:windows_nt_for_smb
    cpe:2.3:a:trend_micro:interscan_viruswall:gold:-:windows_nt_for_smb
  • cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.4
    cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.4
  • cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.5
    cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.5
  • cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.51
    cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.51
  • cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.52
    cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.52
  • cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.52_build1466
    cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.52_build1466
  • cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.6
    cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.6
  • cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:5.1.0
    cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:5.1.0
  • cpe:2.3:a:trend_micro:interscan_viruswall_scan_engine:7.510.0-1002
    cpe:2.3:a:trend_micro:interscan_viruswall_scan_engine:7.510.0-1002
  • cpe:2.3:a:trend_micro:interscan_web_security_suite:-:linux
    cpe:2.3:a:trend_micro:interscan_web_security_suite:-:linux
  • cpe:2.3:a:trend_micro:interscan_web_security_suite:-:linux_1.0.0_ja
    cpe:2.3:a:trend_micro:interscan_web_security_suite:-:linux_1.0.0_ja
  • cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:-:linux
    cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:-:linux
  • cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:-:solaris
    cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:-:solaris
  • cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:-:windows
    cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:-:windows
  • cpe:2.3:a:trend_micro:interscan_webmanager:1.2
    cpe:2.3:a:trend_micro:interscan_webmanager:1.2
  • cpe:2.3:a:trend_micro:interscan_webmanager:2.0
    cpe:2.3:a:trend_micro:interscan_webmanager:2.0
  • cpe:2.3:a:trend_micro:interscan_webmanager:2.1
    cpe:2.3:a:trend_micro:interscan_webmanager:2.1
  • cpe:2.3:a:trend_micro:interscan_webprotect:gold:-:isa
    cpe:2.3:a:trend_micro:interscan_webprotect:gold:-:isa
  • cpe:2.3:a:trend_micro:officescan:3.0:-:corporate
    cpe:2.3:a:trend_micro:officescan:3.0:-:corporate
  • cpe:2.3:a:trend_micro:officescan:4.5.0:-:microsof_sbs
    cpe:2.3:a:trend_micro:officescan:4.5.0:-:microsof_sbs
  • cpe:2.3:a:trend_micro:officescan:7.3
    cpe:2.3:a:trend_micro:officescan:7.3
  • cpe:2.3:a:trend_micro:officescan:corporate_3.0:-:windows_nt_server
    cpe:2.3:a:trend_micro:officescan:corporate_3.0:-:windows_nt_server
  • cpe:2.3:a:trend_micro:officescan:corporate_3.1.1:-:windows_nt_server
    cpe:2.3:a:trend_micro:officescan:corporate_3.1.1:-:windows_nt_server
  • cpe:2.3:a:trend_micro:officescan:corporate_3.11
    cpe:2.3:a:trend_micro:officescan:corporate_3.11
  • cpe:2.3:a:trend_micro:officescan:corporate_3.11:-:windows_nt_server
    cpe:2.3:a:trend_micro:officescan:corporate_3.11:-:windows_nt_server
  • cpe:2.3:a:trend_micro:officescan:corporate_3.13
    cpe:2.3:a:trend_micro:officescan:corporate_3.13
  • cpe:2.3:a:trend_micro:officescan:corporate_3.13:-:windows_nt_server
    cpe:2.3:a:trend_micro:officescan:corporate_3.13:-:windows_nt_server
  • cpe:2.3:a:trend_micro:officescan:corporate_3.5
    cpe:2.3:a:trend_micro:officescan:corporate_3.5
  • cpe:2.3:a:trend_micro:officescan:corporate_3.5:-:windows_nt_server
    cpe:2.3:a:trend_micro:officescan:corporate_3.5:-:windows_nt_server
  • cpe:2.3:a:trend_micro:officescan:corporate_3.54
    cpe:2.3:a:trend_micro:officescan:corporate_3.54
  • cpe:2.3:a:trend_micro:officescan:corporate_5.02
    cpe:2.3:a:trend_micro:officescan:corporate_5.02
  • cpe:2.3:a:trend_micro:officescan:corporate_5.5
    cpe:2.3:a:trend_micro:officescan:corporate_5.5
  • cpe:2.3:a:trend_micro:officescan:corporate_5.58
    cpe:2.3:a:trend_micro:officescan:corporate_5.58
  • cpe:2.3:a:trend_micro:officescan:corporate_6.5
    cpe:2.3:a:trend_micro:officescan:corporate_6.5
  • cpe:2.3:a:trend_micro:officescan:corporate_7.0
    cpe:2.3:a:trend_micro:officescan:corporate_7.0
  • cpe:2.3:a:trend_micro:officescan:corporate_7.3
    cpe:2.3:a:trend_micro:officescan:corporate_7.3
  • cpe:2.3:a:trend_micro:pc-cillin:2000
    cpe:2.3:a:trend_micro:pc-cillin:2000
  • cpe:2.3:a:trend_micro:pc-cillin:2002
    cpe:2.3:a:trend_micro:pc-cillin:2002
  • cpe:2.3:a:trend_micro:pc-cillin:2003
    cpe:2.3:a:trend_micro:pc-cillin:2003
  • cpe:2.3:a:trend_micro:pc-cillin:2005
    cpe:2.3:a:trend_micro:pc-cillin:2005
  • cpe:2.3:a:trend_micro:pc-cillin:2006
    cpe:2.3:a:trend_micro:pc-cillin:2006
  • cpe:2.3:a:trend_micro:pc-cillin:6.0
    cpe:2.3:a:trend_micro:pc-cillin:6.0
  • cpe:2.3:a:trend_micro:pc-cillin_internet_security:14_14.00.1485
    cpe:2.3:a:trend_micro:pc-cillin_internet_security:14_14.00.1485
  • cpe:2.3:a:trend_micro:pc-cillin_internet_security:2005_12.0.0_0_build_1244
    cpe:2.3:a:trend_micro:pc-cillin_internet_security:2005_12.0.0_0_build_1244
  • cpe:2.3:a:trend_micro:pc-cillin_internet_security:2006_14.10.0.1023
    cpe:2.3:a:trend_micro:pc-cillin_internet_security:2006_14.10.0.1023
  • cpe:2.3:a:trend_micro:pc-cillin_internet_security:2007
    cpe:2.3:a:trend_micro:pc-cillin_internet_security:2007
  • cpe:2.3:a:trend_micro:pc_cillin_-_internet_security_2006
    cpe:2.3:a:trend_micro:pc_cillin_-_internet_security_2006
  • cpe:2.3:a:trend_micro:portalprotect:1.0
    cpe:2.3:a:trend_micro:portalprotect:1.0
  • cpe:2.3:a:trend_micro:portalprotect:1.2:-:sharepoint
    cpe:2.3:a:trend_micro:portalprotect:1.2:-:sharepoint
  • cpe:2.3:a:trend_micro:scanmail:1.0.0
    cpe:2.3:a:trend_micro:scanmail:1.0.0
  • cpe:2.3:a:trend_micro:scanmail:2.51:-:domino
    cpe:2.3:a:trend_micro:scanmail:2.51:-:domino
  • cpe:2.3:a:trend_micro:scanmail:2.6:-:domino
    cpe:2.3:a:trend_micro:scanmail:2.6:-:domino
  • cpe:2.3:a:trend_micro:scanmail:3.8:-:microsoft_exchange
    cpe:2.3:a:trend_micro:scanmail:3.8:-:microsoft_exchange
  • cpe:2.3:a:trend_micro:scanmail:3.81:-:microsoft_exchange
    cpe:2.3:a:trend_micro:scanmail:3.81:-:microsoft_exchange
  • cpe:2.3:a:trend_micro:scanmail:6.1:-:microsoft_exchange
    cpe:2.3:a:trend_micro:scanmail:6.1:-:microsoft_exchange
  • cpe:2.3:a:trend_micro:scanmail:gold:-:lotus_domino_on_aix
    cpe:2.3:a:trend_micro:scanmail:gold:-:lotus_domino_on_aix
  • cpe:2.3:a:trend_micro:scanmail:gold:-:lotus_domino_on_as_400
    cpe:2.3:a:trend_micro:scanmail:gold:-:lotus_domino_on_as_400
  • cpe:2.3:a:trend_micro:scanmail:gold:-:lotus_domino_on_s_390
    cpe:2.3:a:trend_micro:scanmail:gold:-:lotus_domino_on_s_390
  • cpe:2.3:a:trend_micro:scanmail:gold:-:lotus_domino_on_solaris
    cpe:2.3:a:trend_micro:scanmail:gold:-:lotus_domino_on_solaris
  • cpe:2.3:a:trend_micro:scanmail:gold:-:lotus_domino_on_windows
    cpe:2.3:a:trend_micro:scanmail:gold:-:lotus_domino_on_windows
  • cpe:2.3:a:trend_micro:scanmail_emanager
    cpe:2.3:a:trend_micro:scanmail_emanager
  • cpe:2.3:a:trend_micro:scanning_engine:7.1.0
    cpe:2.3:a:trend_micro:scanning_engine:7.1.0
  • cpe:2.3:a:trend_micro:serverprotect:5.3.1
    cpe:2.3:a:trend_micro:serverprotect:5.3.1
  • cpe:2.3:a:trend_micro:serverprotect:5.5.8
    cpe:2.3:a:trend_micro:serverprotect:5.5.8
  • cpe:2.3:a:trend_micro:serverprotect:5.58
    cpe:2.3:a:trend_micro:serverprotect:5.58
  • cpe:2.3:a:trend_micro:serverprotect:5.58:-:windows
    cpe:2.3:a:trend_micro:serverprotect:5.58:-:windows
  • cpe:2.3:a:trend_micro:serverprotect:linux
    cpe:2.3:a:trend_micro:serverprotect:linux
  • cpe:2.3:a:trend_micro:serverprotect:linux_1.2.0
    cpe:2.3:a:trend_micro:serverprotect:linux_1.2.0
  • cpe:2.3:a:trend_micro:serverprotect:novell_netware
    cpe:2.3:a:trend_micro:serverprotect:novell_netware
  • cpe:2.3:a:trend_micro:serverprotect:windows
    cpe:2.3:a:trend_micro:serverprotect:windows
  • cpe:2.3:a:trend_micro:viruswall:3.0.1
    cpe:2.3:a:trend_micro:viruswall:3.0.1
  • cpe:2.3:a:trend_micro:web_security_suite:1.2.0
    cpe:2.3:a:trend_micro:web_security_suite:1.2.0
  • cpe:2.3:a:trend_micro:webprotect:3.1.0
    cpe:2.3:a:trend_micro:webprotect:3.1.0
CVSS
Base: 9.3 (as of 09-02-2007 - 15:25)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
NASL family Windows
NASL id TRENDMICRO_UPX_PARSING.NASL
description The remote host is running Trend Antivirus, a commercial antivirus software package for Windows. The scan engine of the remote antivirus is affected by a UPX file parsing vulnerability that could potentially allow an attacker to crash the scan engine or execute arbitrary code.
last seen 2019-02-21
modified 2018-11-15
plugin id 24681
published 2007-02-21
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=24681
title Trend Micro UPX File Parsing Overflow
refmap via4
bid 22449
cert-vn VU#276432
confirm http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289
idefense 20070208 Trend Micro AntiVirus UPX Parsing Kernel Buffer Overflow Vulnerability
jvn JVN#77366274
misc http://www.jpcert.or.jp/at/2007/at070004.txt
osvdb 33038
sectrack
  • 1017601
  • 1017602
  • 1017603
secunia
  • 24087
  • 24128
vupen
  • ADV-2007-0522
  • ADV-2007-0569
xf antivirus-upx-bo(32352)
Last major update 07-03-2011 - 21:50
Published 08-02-2007 - 13:28
Last modified 28-07-2017 - 21:30
Back to Top