|
Trend Micro Products RAR Processing Denial Of Service
|
|
|
|
|
Secunia Advisory:
|
SA23321
|
|
|
Release Date:
|
2006-12-11
|
|
Last Update:
|
2006-12-12
|
|
|
Critical:
|
Moderately critical
|
|
Impact:
|
DoS
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | Trend Micro OfficeScan Corporate Edition 7.x
Trend Micro PC-cillin Internet Security 2006 / 14.x
Trend Micro ServerProtect for Windows/NetWare 5.x
|
| | CVE reference: | CVE-2006-5645 (Secunia mirror)
CVE-2006-6458 (Secunia mirror)
|
|
|
Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS! |
|
|
Description:
A vulnerability has been reported in various Trend Micro products, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error in the AntiVirus engine when processing RAR archive with "head_size" and "pack_size" header fields set to 0. This can be exploited to consume almost all CPU resources when scanning a specially crafted RAR archive.
The vulnerability is reported in the following products (other versions may also be affected):
* Trend Micro PC Cillin - Internet Security 2006
* Trend Micro Office Scan 7.3
* Trend Micro Server Protect 5.58
Do you have this product installed on your home computer? Scan using the free Personal Software Inspector. Check if a vulnerable version is installed on computers in your corporate network, scan using the Network Software Inspector.
Solution:
Update to the latest version of the scan engine.
Provided and/or discovered by:
Titon, BastardLabs
Damian Put
An anonymous researcher
Changelog:
2006-12-12: Added CVE reference.
Original Advisory:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
14 Related Secunia Security Advisories, displaying 10
|
|
|
1. Trend Micro OfficeScan CGI Module and Policy Server Buffer Overflows
|
|
2. Trend Micro Scan Engine Tmxpflt.sys Privilege Escalation Vulnerability
|
|
3. Trend Micro ServerProtect Multiple Vulnerabilities
|
|
4. Trend Micro OfficeScan CGI Modules Buffer Overflow and Authentication Bypass
|
|
5. Trend Micro ServerProtect Multiple Buffer Overflow Vulnerabilities
|
|
6. Trend Micro Products UPX Processing Denial of Service
|
|
7. Trend Micro ServerProtect Buffer Overflow Vulnerabilities
|
|
8. Trend Micro OfficeScan Client ActiveX Control Buffer Overflows
|
|
9. Trend Micro Products UPX Processing Buffer Overflow Vulnerability
|
|
10. OfficeScan Corporate Edition "ATXCONSOLE.OCX" Format String Vulnerability
|
Show all related advisories
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
