Trend Micro Antivirus UPX Compressed PE File Buffer Overflow Vulnerability
Severity: CRITICAL
CVE Identifier: CVE-2007-0851
Advisory Date: FEB 15, 2011
DESCRIPTION
Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable.
TREND MICRO PROTECTION INFORMATION
Trend Micro Deep Security shields networks through Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities. Please refer to the filter number and filter name when applying appropriate DPI and/or IDF rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1000943
Trend Micro Deep Security DPI Rule Name: 1000943 - Detect UPX Packed Executable Download
AFFECTED SOFTWARE AND VERSION
- Trend Micro Client/Server Suite for SMB for Windows
- Trend Micro Client/Server/Messaging Suite for SMB for Windows
- Trend Micro Control Manager 2.5.0
- Trend Micro Control Manager 3.5
- Trend Micro Control Manager for AS/400
- Trend Micro Control Manager for NetWare
- Trend Micro Control Manager for S/390
- Trend Micro Control Manager for Solaris
- Trend Micro Control Manager for Windows
- Trend Micro Control Manager for Windows NT/2000
- Trend Micro InterScan Messaging Security Suite
- Trend Micro InterScan Messaging Security Suite 3.81
- Trend Micro InterScan Messaging Security Suite 5.5
- Trend Micro InterScan Messaging Security Suite 5.5 build 1183
- Trend Micro InterScan Messaging Security Suite for Linux
- Trend Micro InterScan Messaging Security Suite for Solaris
- Trend Micro InterScan Messaging Security Suite for Windows
- Trend Micro InterScan VirusWall 3.0.1
- Trend Micro InterScan VirusWall 3.1.0
- Trend Micro InterScan VirusWall 3.2.3
- Trend Micro InterScan VirusWall 3.3
- Trend Micro InterScan VirusWall 3.32
- Trend Micro InterScan VirusWall 3.6
- Trend Micro InterScan VirusWall 3.6 for Windows NT
- Trend Micro InterScan VirusWall 3.6.0 Build 1166
- Trend Micro InterScan VirusWall 3.6.0 Build 1182
- Trend Micro InterScan VirusWall 3.7.0
- Trend Micro InterScan VirusWall 3.7.0 Build 1190
- Trend Micro InterScan VirusWall 3.8.0 Build 1130
- Trend Micro InterScan VirusWall 3.81
- Trend Micro InterScan VirusWall 5.1 for Windows NT
- Trend Micro InterScan VirusWall Linux for SMB
- Trend Micro InterScan VirusWall Scan Engine 7.510.0-1002
- Trend Micro InterScan VirusWall Windows NT for SMB
- Trend Micro InterScan VirusWall for AIX
- Trend Micro InterScan VirusWall for HP-UX 3.6
- Trend Micro InterScan VirusWall for Linux 3.0.1
- Trend Micro InterScan VirusWall for Linux 3.6
- Trend Micro InterScan VirusWall for SMB
- Trend Micro InterScan VirusWall for Solaris 3.6
- Trend Micro InterScan VirusWall for Windows
- Trend Micro InterScan VirusWall for Windows NT 3.4
- Trend Micro InterScan VirusWall for Windows NT 3.5
- Trend Micro InterScan VirusWall for Windows NT 3.51
- Trend Micro InterScan VirusWall for Windows NT 3.52
- Trend Micro InterScan VirusWall for Windows NT 3.52 build 1466
- Trend Micro InterScan VirusWall for Windows NT 3.6
- Trend Micro InterScan VirusWall for Windows NT 5.1.0
- Trend Micro InterScan Web Security Suite
- Trend Micro InterScan Web Security Suite for Linux
- Trend Micro InterScan Web Security Suite for Solaris
- Trend Micro InterScan Web Security Suite for Windows
- Trend Micro InterScan WebManager 1.2
- Trend Micro InterScan WebManager 2.0
- Trend Micro InterScan WebManager 2.1
- Trend Micro InterScan WebProtect for ISA
- Trend Micro InterScan eManager 3.5
- Trend Micro InterScan eManager 3.5.2
- Trend Micro InterScan eManager 3.51
- Trend Micro InterScan eManager 3.51 j
- Trend Micro InterScan eManager 3.6
- Trend Micro Office Scan 7.3
- Trend Micro OfficeScan 4.5.0
- Trend Micro OfficeScan Corporate 3.0
- Trend Micro OfficeScan Corporate 3.0 for Windows NT Server
- Trend Micro OfficeScan Corporate 3.1.1 for Windows NT Server
- Trend Micro OfficeScan Corporate 3.11
- Trend Micro OfficeScan Corporate 3.11 for Windows NT Server
- Trend Micro OfficeScan Corporate 3.13
- Trend Micro OfficeScan Corporate 3.13 for Windows NT Server
- Trend Micro OfficeScan Corporate 3.5
- Trend Micro OfficeScan Corporate 3.5 for Windows NT Server
- Trend Micro OfficeScan Corporate 3.54
- Trend Micro OfficeScan Corporate 5.0 2
- Trend Micro OfficeScan Corporate 5.02
- Trend Micro OfficeScan Corporate 5.5
- Trend Micro OfficeScan Corporate 5.58
- Trend Micro OfficeScan Corporate 6.5
- Trend Micro OfficeScan Corporate 7.0
- Trend Micro OfficeScan Corporate 7.3
- Trend Micro PC Cillin - Internet Security 2006
- Trend Micro PC-Cillin Internet Security 14 14.00.1485
- Trend Micro PC-Cillin Internet Security 2005 12.0.0 0 build 1244
- Trend Micro PC-Cillin Internet Security 2006 14.10.0.1023
- Trend Micro PC-Cillin Internet Security 2007
- Trend Micro PC-cillin 2000
- Trend Micro PC-cillin 2002
- Trend Micro PC-cillin 2003
- Trend Micro PC-cillin 2005
- Trend Micro PC-cillin 2006
- Trend Micro PC-cillin 6.0
- Trend Micro PortalProtect 1.0
- Trend Micro PortalProtect 1.2
- Trend Micro ScanMail 1.0.0
- Trend Micro ScanMail 2.51 for Domino
- Trend Micro ScanMail 2.6 for Domino
- Trend Micro ScanMail 3.8 for Microsoft Exchange
- Trend Micro ScanMail 3.81 for Microsoft Exchange
- Trend Micro ScanMail 6.1 for Microsoft Exchange
- Trend Micro ScanMail eManager
- Trend Micro ScanMail for Lotus Domino on AIX
- Trend Micro ScanMail for Lotus Domino on AS/400
- Trend Micro ScanMail for Lotus Domino on S/390
- Trend Micro ScanMail for Lotus Domino on Solaris
- Trend Micro ScanMail for Lotus Domino on Windows
- Trend Micro Scanning Engine 7.1.0
- Trend Micro ServerProtect 5.3.1
- Trend Micro ServerProtect 5.5.8
- Trend Micro ServerProtect 5.58
- Trend Micro ServerProtect Linux
- Trend Micro ServerProtect Linux 1.2.0
- Trend Micro ServerProtect Novell Netware
- Trend Micro ServerProtect Windows
- Trend Micro VirusWall 3.0.1
- Trend Micro Web Security Suite 1.2.0
- Trend Micro WebProtect 3.1.0
Featured Stories
Open RAN: Attack of the xAppsThis article discusses two O-RAN vulnerabilities that attackers can exploit. One vulnerability stems from insufficient access control, and the other arises from faulty message handlingRead more
A Closer Exploration of Residential Proxies and CAPTCHA-Breaking ServicesThis article, the final part of a two-part series, focuses on the details of our technical findings and analyses of select residential proxies and CAPTCHA-solving services.Read more
How Residential Proxies and CAPTCHA-Solving Services Become Agents of AbuseThis article, the first of a two-part series, provides insights on how abusers and cybercriminals use residential proxies and CAPTCHA-solving services to enable bots, scrapers, and stuffers, and proposes security countermeasures for organizations.Read more
Abusing Argo CD, Helm, and Artifact Hub: An Analysis of Supply Chain Attacks in Cloud-Native ApplicationsWe provide an overview of cloud-native tools and examine how cybercriminals can exploit their vulnerabilities to launch supply chain attacks.Read more