CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2007-3873
https://notcve.org/view.php?id=CVE-2007-3873
22 Aug 2007 — Stack-based buffer overflow in vstlib32.dll 1.2.0.1012 in the SSAPI Engine 5.0.0.1066 through 5.2.0.1012 in Trend Micro AntiSpyware 3.5 and PC-Cillin Internet Security 2007 15.0 through 15.3, when the Venus Spy Trap (VST) feature is enabled, allows local users to cause a denial of service (service crash) or execute arbitrary code via a file with a long pathname, which triggers the overflow during a ReadDirectoryChangesW callback notification. Desbordamiento de búfer basado en pila en vstlib32.dll 1.2.0.1012... • http://esupport.trendmicro.com/support/consumer/search.do?cmd=displayKC&externalId=PUB-en-1035845 •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2007-0856
https://notcve.org/view.php?id=CVE-2007-0856
08 Feb 2007 — TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (RCM), with the VsapiNI.sys 3.320.0.1003 scan engine, as used in Trend Micro PC-cillin Internet Security 2007, Antivirus 2007, Anti-Spyware for SMB 3.2 SP1, Anti-Spyware for Consumer 3.5, Anti-Spyware for Enterprise 3.0 SP2, Client / Server / Messaging Security for SMB 3.5, Damage Cleanup Services 3.2, and possibly other products, assigns Everyone write permission for the \\.\TmComm DOS device interface, which allows local users to access p... • http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034432&id=EN-1034432 •