CVE-2008-2437
https://notcve.org/view.php?id=CVE-2008-2437
Stack-based buffer overflow in cgiRecvFile.exe in Trend Micro OfficeScan 7.3 patch 4 build 1362 and other builds, OfficeScan 8.0 and 8.0 SP1, and Client Server Messaging Security 3.6 allows remote attackers to execute arbitrary code via an HTTP request containing a long ComputerName parameter. Desbordamiento de búfer basado en pila en cgiRecvFile.exe en Trend Micro OfficeScan 7.3 patch 4 build 1362 y otras, OfficeScan 8.0 y 8.0 SP1, y Client Server Messaging Security 3.6, permite a atacantes remotos ejecutar código de su elección a través de peticiones HTTP que contienen un parámetro largo "ComputerName". • http://secunia.com/advisories/31342 http://secunia.com/secunia_research/2008-35 http://securityreason.com/securityalert/4263 http://www.securityfocus.com/archive/1/496281/100/0/threaded http://www.securityfocus.com/bid/31139 http://www.securitytracker.com/id?1020860 http://www.trendmicro.com/ftp/documentation/readme/CSM_3.6_OSCE_7.6_Win_EN_CriticalPatch_B1195_readme.txt http://www.trendmicro.com/ftp/documentation/readme/OSCE_7.3_Win_EN_CriticalPatch_B1367_readme.txt http://www.t • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-0325 – Trend Micro OfficeScan - Client ActiveX Control Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-0325
Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 before Build 1197, allow remote attackers to execute arbitrary code via a crafted HTML document. Múltiples desbordamientos de búfer en el control ActiveX Trend Micro OfficeScan Web-Deployment SetupINICtrl en OfficeScanSetupINI.dll, como ha sido usado en OfficeScan 7.0 anterior a Build 1344, OfficeScan 7.3 anetrior a Build 1241, y Client / Server / Messaging Security 3.0 anterior a Build 1197, permite a atacantes remotos ejecutar código de su elección mediante un documento HTML artesanal. • https://www.exploit-db.com/exploits/16535 http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034288 http://osvdb.org/33040 http://secunia.com/advisories/24193 http://www.kb.cert.org/vuls/id/784369 http://www.securityfocus.com/bid/22585 http://www.securitytracker.com/id?1017664 http://www.trendmicro.com/ftp/documentation/readme/osce_70_win_en_securitypatch_1344_readme.txt http://www.vupen.com/english/advisories/2007/0638 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-0856
https://notcve.org/view.php?id=CVE-2007-0856
TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (RCM), with the VsapiNI.sys 3.320.0.1003 scan engine, as used in Trend Micro PC-cillin Internet Security 2007, Antivirus 2007, Anti-Spyware for SMB 3.2 SP1, Anti-Spyware for Consumer 3.5, Anti-Spyware for Enterprise 3.0 SP2, Client / Server / Messaging Security for SMB 3.5, Damage Cleanup Services 3.2, and possibly other products, assigns Everyone write permission for the \\.\TmComm DOS device interface, which allows local users to access privileged IOCTLs and execute arbitrary code or overwrite arbitrary memory in the kernel context. TmComm.sys 1.5.0.1052 en el Trend Micro Anti-Rootkit Common Module (RCM), con el motor de búsqueda VsapiNI.sys 3.320.0.1003, como se usa en Trend Micro PC-cillin Internet Security 2007, Antivirus 2007, Anti-Spyware para SMB 3.2 SP1, Anti-Spyware para Consumer 3.5, Anti-Spyware para Enterprise 3.0 SP2, Client / Server / Messaging Security para SMB 3.5, Damage Cleanup Services 3.2, y posiblemente otros productos, asigna permisos de escritura para TODOS para la interfaz de dispositivo DOS \\.\TmComm, que permite a usuarios locales acceder a IOCTLs privilegiadas y ejecutar código de su elección o sobre-escribir memoria de su elección en el contexto Kernel. • http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034432&id=EN-1034432 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=469 http://osvdb.org/33039 http://secunia.com/advisories/24069 http://securitytracker.com/id?1017604 http://securitytracker.com/id?1017605 http://securitytracker.com/id? •
CVE-2007-0851
https://notcve.org/view.php?id=CVE-2007-0851
Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable. Un desbordamiento de búfer en Trend Micro Scan Engine versiones 8.000 y 8.300 anteriores al archivo de patrones de virus versión 4.245.00, tal y como es usado en otros productos como Cyber Clean Center (CCC) Cleaner, permite a atacantes remotos ejecutar código arbitrario por medio de un ejecutable comprimido UPX malformado. • http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289 http://jvn.jp/jp/JVN%2377366274/index.html http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470 http://osvdb.org/33038 http://secunia.com/advisories/24087 http://secunia.com/advisories/24128 http://securitytracker.com/id?1017601 http://securitytracker.com/id?1017602 http://securitytracker.com/id? •
CVE-2005-0533
https://notcve.org/view.php?id=CVE-2005-0533
Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure. • http://secunia.com/advisories/14396 http://securitytracker.com/id?1013289 http://securitytracker.com/id?1013290 http://www.securityfocus.com/bid/12643 http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution http://xforce.iss.net/xforce/alerts/id/189 •