All the vulnerabilites related to Trend Micro, Inc. - Trend Micro Scan Engine
jvndb-2007-000199
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
CCC Cleaner division-by-zero vulnerability when scanning UPX-packed executables
Details
CCC Cleaner, provided from Cyber Clean Center between January 25 and March 12, 2007, contains a division-by-zero vulnerability that occurs when it scans UPX-packed executables.
This vulnerability is caused by the "Antivirus UPX Parsing Kernel Buffer Overflow Vulnerability" on TrendMicro's anti-virus product. For details of this vulnerability, please refer to the information provided by TrendMicro.
This vulnerability is different from "JVN#77366274: CCC Cleaner buffer overflow vulnerability."
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000199.html", "dc:date": "2008-05-21T00:00+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2008-05-21T00:00+09:00", "description": "CCC Cleaner, provided from Cyber Clean Center between January 25 and March 12, 2007, contains a division-by-zero vulnerability that occurs when it scans UPX-packed executables.\r\n\r\nThis vulnerability is caused by the \"Antivirus UPX Parsing Kernel Buffer Overflow Vulnerability\" on TrendMicro\u0027s anti-virus product. For details of this vulnerability, please refer to the information provided by TrendMicro.\r\n\r\nThis vulnerability is different from \"JVN#77366274: CCC Cleaner buffer overflow vulnerability.\"", "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000199.html", "sec:cpe": [ { "#text": "cpe:/a:misc:ccc_cleaner", "@product": "CCC Cleaner", "@vendor": "Cyber Clean Center", "@version": "2.2" }, { "#text": "cpe:/a:trendmicro:scan_engine", "@product": "Trend Micro Scan Engine", "@vendor": "Trend Micro, Inc.", "@version": "2.2" }, { "#text": "cpe:/a:trendmicro:virus_search_engine_vs_api", "@product": "Virus Search Engine VS API", "@vendor": "Trend Micro, Inc.", "@version": "2.2" } ], "sec:cvss": { "@score": "7.8", "@severity": "High", "@type": "Base", "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "@version": "2.0" }, "sec:identifier": "JVNDB-2007-000199", "sec:references": [ { "#text": "http://jvn.jp/en/jp/JVN80126589/index.html", "@id": "JVN#80126589", "@source": "JVN" }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1591", "@id": "CVE-2007-1591", "@source": "CVE" }, { "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1591", "@id": "CVE-2007-1591", "@source": "NVD" }, { "#text": "http://secunia.com/advisories/24450", "@id": "SA24450", "@source": "SECUNIA" }, { "#text": "http://www.securityfocus.com/bid/22965", "@id": "22965", "@source": "BID" }, { "#text": "http://www.frsirt.com/english/advisories/2007/0959", "@id": "FrSIRT/ADV-2007-0959", "@source": "FRSIRT" } ], "title": "CCC Cleaner division-by-zero vulnerability when scanning UPX-packed executables" }
jvndb-2007-000127
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
CCC Cleaner buffer overflow vulnerability
Details
CCC Cleaner, provided by Cyber Clean Center between January 25 and February 9, 2007, contains a buffer overflow vulnerability that occurs when it scans UPX-packed executables.
This vulnerability is caused by a buffer overflow vulnerability in the scan processing of UPX compressed executables found in TrendMicro Antivirus. For details of this vulnerability, please refer to TrendMicro's website.
CCC Cleaner is affected by this vulnerability only when the following file is contained in the "CCC Cleaner" folder.
Filenames: lpt$vpn.185
As of February 13, 2006, Trend Micro has announced that the vulnerability "the Anti-Rootkit Common Module (TmComm.sys)" disclosed on February 11, 2006 does not affect CCC Cleaner. For more information, refer to the vendor's website.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000127.html", "dc:date": "2008-05-21T00:00+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2008-05-21T00:00+09:00", "description": "CCC Cleaner, provided by Cyber Clean Center between January 25 and February 9, 2007, contains a buffer overflow vulnerability that occurs when it scans UPX-packed executables.\r\n\r\nThis vulnerability is caused by a buffer overflow vulnerability in the scan processing of UPX compressed executables found in TrendMicro Antivirus. For details of this vulnerability, please refer to TrendMicro\u0027s website.\r\n\r\nCCC Cleaner is affected by this vulnerability only when the following file is contained in the \"CCC Cleaner\" folder.\r\n\r\nFilenames: lpt$vpn.185\r\n\r\nAs of February 13, 2006, Trend Micro has announced that the vulnerability \"the Anti-Rootkit Common Module (TmComm.sys)\" disclosed on February 11, 2006 does not affect CCC Cleaner. For more information, refer to the vendor\u0027s website.", "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000127.html", "sec:cpe": [ { "#text": "cpe:/a:misc:ccc_cleaner", "@product": "CCC Cleaner", "@vendor": "Cyber Clean Center", "@version": "2.2" }, { "#text": "cpe:/a:trendmicro:scan_engine", "@product": "Trend Micro Scan Engine", "@vendor": "Trend Micro, Inc.", "@version": "2.2" }, { "#text": "cpe:/a:trendmicro:virus_search_engine_vs_api", "@product": "Virus Search Engine VS API", "@vendor": "Trend Micro, Inc.", "@version": "2.2" } ], "sec:cvss": { "@score": "5.4", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:H/Au:N/C:N/I:N/A:C", "@version": "2.0" }, "sec:identifier": "JVNDB-2007-000127", "sec:references": [ { "#text": "http://jvn.jp/cert/JVNVU%23276432/index.html", "@id": "JVNVU#276432", "@source": "JVN" }, { "#text": "http://jvn.jp/en/jp/JVN77366274/index.html", "@id": "JVN#77366274", "@source": "JVN" }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0851", "@id": "CVE-2007-0851", "@source": "CVE" }, { "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0851", "@id": "CVE-2007-0851", "@source": "NVD" }, { "#text": "http://www.kb.cert.org/vuls/id/276432", "@id": "VU#276432", "@source": "CERT-VN" }, { "#text": "http://secunia.com/advisories/24087", "@id": "SA24087", "@source": "SECUNIA" }, { "#text": "http://www.securityfocus.com/bid/22449", "@id": "22449", "@source": "BID" }, { "#text": "http://securitytracker.com/id?1017601", "@id": "1017601", "@source": "SECTRACK" }, { "#text": "http://www.frsirt.com/english/advisories/2007/0522", "@id": "FrSIRT/ADV-2007-0522", "@source": "FRSIRT" } ], "title": "CCC Cleaner buffer overflow vulnerability" }