CVSS: 7.2EPSS: 1%CPEs: 3EXPL: 0CVE-2007-6386
https://notcve.org/view.php?id=CVE-2007-6386
15 Dec 2007 — Stack-based buffer overflow in PccScan.dll before build 1451 in Trend Micro AntiVirus plus AntiSpyware 2008, Internet Security 2008, and Internet Security Pro 2008 allows user-assisted remote attackers to cause a denial of service (SfCtlCom.exe crash), and allows local users to gain privileges, via a malformed .zip archive with a long name, as demonstrated by a .zip file created via format string specifiers in a crafted .uue file. Desbordamiento de buffer relacionado con la pila en PccScan.dll, en versiones... • http://esupport.trendmicro.com/support/viewxml.do?ContentID=1036464 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2007-0856
https://notcve.org/view.php?id=CVE-2007-0856
08 Feb 2007 — TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (RCM), with the VsapiNI.sys 3.320.0.1003 scan engine, as used in Trend Micro PC-cillin Internet Security 2007, Antivirus 2007, Anti-Spyware for SMB 3.2 SP1, Anti-Spyware for Consumer 3.5, Anti-Spyware for Enterprise 3.0 SP2, Client / Server / Messaging Security for SMB 3.5, Damage Cleanup Services 3.2, and possibly other products, assigns Everyone write permission for the \\.\TmComm DOS device interface, which allows local users to access p... • http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034432&id=EN-1034432 •