Vulnerability Description
The Trend Micro scan engine before 8.320 for Windows and before 8.150 on HP-UX and AIX, as used in Trend Micro PC Cillin - Internet Security 2006, Office Scan 7.3, and Server Protect 5.58, allows remote attackers to cause a denial of service (CPU consumption and system hang) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero, which triggers an infinite loop.
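A parser that steps through an archive by adding each block's size fields to its offset makes no progress when both fields are zero. The C code below is an added example, not Trend Micro's code: it assumes a simplified block layout (not the real RAR header) and hypothetical names (walk_blocks, HDR_MIN), and shows the forward-progress check that stops such a loop.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed layout for illustration only (NOT the real RAR header):
 *   bytes 0-1  head_size, little endian, counts these 6 fixed bytes too
 *   bytes 2-5  pack_size, little endian, data bytes after the header   */
#define HDR_MIN 6u
enum { WALK_OK = 0, WALK_TRUNCATED = -1, WALK_NO_PROGRESS = -2 };

static uint32_t rd16(const uint8_t *p) { return p[0] | (uint32_t)p[1] << 8; }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | rd16(p + 2) << 16; }

/* Walks every block in buf; *blocks receives the number accepted. */
int walk_blocks(const uint8_t *buf, size_t len, size_t *blocks)
{
    size_t off = 0;
    *blocks = 0;
    while (off < len) {
        if (len - off < HDR_MIN)
            return WALK_TRUNCATED;
        uint32_t head_size = rd16(buf + off);
        uint32_t pack_size = rd32(buf + off + 2);
        /* A header smaller than its own fixed fields is invalid. This also
         * rejects head_size == 0 with pack_size == 0, where the offset
         * would never advance and the loop would spin forever. */
        if (head_size < HDR_MIN)
            return WALK_NO_PROGRESS;
        uint64_t step = (uint64_t)head_size + pack_size; /* no 32-bit wrap */
        if (step > len - off)
            return WALK_TRUNCATED;
        off += (size_t)step;
        (*blocks)++;
    }
    return WALK_OK;
}

/* Constructed samples: two well-formed blocks, then a well-formed block
 * followed by one whose size fields are both zero. */
static const uint8_t sample_ok[] = { 8,0, 3,0,0,0, 0xAA,0xBB, 'a','b','c',
                                     6,0, 0,0,0,0 };
static const uint8_t sample_zero[] = { 6,0, 0,0,0,0,  0,0, 0,0,0,0 };

int main(void)
{
    size_t n;
    printf("ok:   %d\n", walk_blocks(sample_ok, sizeof sample_ok, &n));
    printf("zero: %d\n", walk_blocks(sample_zero, sizeof sample_zero, &n));
    return 0;
}
```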
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Trend Micro | Officescan | 7.3 |
| Trend Micro | Pc Cillin - Internet Security 2006 | All versions |
| Trend Micro | Serverprotect | 5.58 |
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439
- http://secunia.com/advisories/23321
- http://www.securityfocus.com/bid/21509
- http://www.vupen.com/english/advisories/2006/4918
FAQ
What is CVE-2006-6458?
CVE-2006-6458 is a vulnerability with a CVSS score of 7.8 (HIGH). The Trend Micro scan engine before 8.320 for Windows and before 8.150 on HP-UX and AIX, as used in Trend Micro PC Cillin - Internet Security 2006, Office Scan 7.3, and Server Protect 5.58, allows remo...
How severe is CVE-2006-6458?
CVE-2006-6458 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-6458?
Check the references section above for vendor advisories and patch information. Affected products include: Trend Micro Officescan, Trend Micro Pc Cillin - Internet Security 2006, Trend Micro Serverprotect.