Secunia

Customer Area icon help

Need help?

Try CSI

Download PSI icon Scan now

Scan Now

Community

Advisories

Database Search Advisories by Product Advisories by Vendor Terminology Report vulnerability

Research Forum My Profile Our Commitment

Community Login

Register now
Forgot password?

Secunia Advisory SA23321

Trend Micro Products RAR Processing Denial Of Service

Secunia Advisory

SA23321

DOWNLOAD CSI

DOWNLOAD PSI

Release Date

2006-12-11

Last Update

2006-12-12

Popularity

9,888 views

Comments

0 comments

Criticality level

Moderately critical

Impact

DoS

Where

From remote

Authentication level

Available in Customer Area

Report reliability

Available in Customer Area

Solution Status

Vendor Patch

3rd party PoC/exploit

Link available in Customer Area

Systems affected

Available in Customer Area

Approve distribution

Available in Customer Area

Remediation status

Secunia CSI, Secunia PSI

Automated scanning

Secunia CSI, Secunia PSI

Software:

Trend Micro OfficeScan Corporate Edition 7.x

Trend Micro PC-cillin Internet Security 2006 / 14.x

Trend Micro ServerProtect for Windows/NetWare 5.x

Secunia CVSS Score

Available in Customer Area

CVE Reference(s)

CVE-2006-5645 CVSS available in Customer Area
CVE-2006-6458 CVSS available in Customer Area

Description
A vulnerability has been reported in various Trend Micro products, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error in the AntiVirus engine when processing RAR archive with "head_size" and "pack_size" header fields set to 0. This can be exploited to consume almost all CPU resources when scanning a specially crafted RAR archive.

The vulnerability is reported in the following products (other versions may also be affected):
* Trend Micro PC Cillin - Internet Security 2006
* Trend Micro Office Scan 7.3
* Trend Micro Server Protect 5.58

Solution
Update to the latest version of the scan engine.

Provided and/or discovered by
Titon, BastardLabs
Damian Put
An anonymous researcher

Changelog
Further details available in Customer Area

Original Advisory
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439

Deep Links
Links available in Customer Area

Do you have additional information related to this advisory?

Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this information to vuln@secunia.com

Subject: Trend Micro Products RAR Processing Denial Of Service

No posts yet

You must be logged in to post a comment.

Latest advisories

New advisories: 8
New vulnerabilities: 53
Updated advisories: 17

719 views
IBM HTTP Server Multiple Vulnerabilities

231 views
Limny Multiple Vulnerabilities

283 views
Crimson Editor Configuration File Buffer Overflow Vulnerability

275 views
SiteDone Custom Edition "articleId" SQL Injection Vulnerability

370 views
CA ARCserve Backup JRE Multiple Vulnerabilities

327 views
Ubuntu update for thunderbird

290 views
Liquid XML Studio LtXmlComHelp8 ActiveX "OpenFile()" Buffer Overflow

234 views
Debian update for php5

389 views
DotNetNuke Cross-Site Scripting Vulnerability

See all