Vulnerability Description
Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Trend Micro | Client-Server-Messaging Suite Smb | gold |
| Trend Micro | Client-Server Suite Smb | gold |
| Trend Micro | Control Manager | 2.5.0 |
| Trend Micro | Interscan Emanager | 3.5 |
| Trend Micro | Interscan Messaging Security Suite | All versions |
| Trend Micro | Interscan Viruswall | 3.0.1 |
| Trend Micro | Interscan Viruswall For Windows Nt | 3.4 |
| Trend Micro | Interscan Viruswall Scan Engine | 7.510.0-1002 |
| Trend Micro | Interscan Web Security Suite | All versions |
| Trend Micro | Interscan Webmanager | 1.2 |
| Trend Micro | Interscan Webprotect | gold |
| Trend Micro | Officescan | 3.0 |
| Trend Micro | Pc-Cillin | 6.0 |
| Trend Micro | Pc-Cillin Internet Security | 14_14.00.1485 |
| Trend Micro | Pc Cillin - Internet Security 2006 | All versions |
| Trend Micro | Portalprotect | 1.0 |
| Trend Micro | Scanmail | 1.0.0 |
| Trend Micro | Scanmail Emanager | All versions |
| Trend Micro | Scanning Engine | 7.1.0 |
| Trend Micro | Serverprotect | 5.3.1 |
References
- http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289PatchVendor Advisory
- http://jvn.jp/jp/JVN%2377366274/index.html
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470PatchVendor Advisory
- http://osvdb.org/33038
- http://secunia.com/advisories/24087PatchVendor Advisory
- http://secunia.com/advisories/24128
- http://securitytracker.com/id?1017601PatchVendor Advisory
- http://securitytracker.com/id?1017602
- http://securitytracker.com/id?1017603
- http://www.jpcert.or.jp/at/2007/at070004.txt
- http://www.kb.cert.org/vuls/id/276432US Government Resource
- http://www.securityfocus.com/bid/22449PatchVendor Advisory
- http://www.vupen.com/english/advisories/2007/0522
- http://www.vupen.com/english/advisories/2007/0569
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32352
FAQ
What is CVE-2007-0851?
CVE-2007-0851 is a vulnerability with a CVSS score of 9.3 (HIGH). Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execut...
How severe is CVE-2007-0851?
CVE-2007-0851 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-0851?
Check the references section above for vendor advisories and patch information. Affected products include: Trend Micro Client-Server-Messaging Suite Smb, Trend Micro Client-Server Suite Smb, Trend Micro Control Manager, Trend Micro Interscan Emanager, Trend Micro Interscan Messaging Security Suite.