jvndb-2007-000135
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Severity ?
() - -
Summary
CCC Cleaner buffer overflow vulnerability
Details
CCC Cleaner, provided by Cyber Clean Center between January 25 and February 9, 2007, contains a buffer overflow vulnerability that occurs when it scans UPX-packed executables. This vulnerability is caused by a buffer overflow vulnerability in the scan processing of UPX compressed executables found in TrendMicro Antivirus. For details of this vulnerability, please refer to TrendMicro's website. CCC Cleaner is affected by this vulnerability only when the following file is contained in the "CCC Cleaner" folder. Filenames: lpt$vpn.185 As of February 13, 2006, Trend Micro has announced that the vulnerability "the Anti-Rootkit Common Module (TmComm.sys)" disclosed on February 11, 2006 does not affect CCC Cleaner. For more information, refer to the vendor's website.
References
JVN http://jvn.jp/en/jp/JVN77366274/index.html
CVE http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0856
NVD http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0856
CERT-VN http://www.kb.cert.org/vuls/id/282240
CERT-VN http://www.kb.cert.org/vuls/id/666800
SECUNIA http://secunia.com/advisories/24069/
BID http://www.securityfocus.com/bid/22448
XF http://xforce.iss.net/xforce/xfdb/32353
SECTRACK http://www.securitytracker.com/id?1017604
SECTRACK http://www.securitytracker.com/id?1017605
SECTRACK http://www.securitytracker.com/id?1017606
FRSIRT http://www.frsirt.com/english/advisories/2007/0521
Impacted products
Cyber Clean CenterCCC Cleaner
Trend Micro, Inc.Trend Micro Anti-Spyware for Consumer
Trend Micro, Inc.Trend Micro Anti-Spyware for Enterprise
Trend Micro, Inc.Trend Micro Anti-Spyware for SMB
Trend Micro, Inc.Trend Micro Antivirus
Trend Micro, Inc.Worry-Free Business Security
Trend Micro, Inc.Client / Server / Messaging Security for SMB
Trend Micro, Inc.Damage Cleanup Services
Trend Micro, Inc.Trend Micro PC Cillin Internet Security
Trend Micro, Inc.Rootkit Provision Module (TmComm.sys)
Trend Micro, Inc.Virus Baster
Show details on JVN DB website

To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000135.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "CCC Cleaner, provided by Cyber Clean Center between January 25 and February 9, 2007, contains a buffer overflow vulnerability that occurs when it scans UPX-packed executables.\r\n\r\nThis vulnerability is caused by a buffer overflow vulnerability in the scan processing of UPX compressed executables found in TrendMicro Antivirus. For details of this vulnerability, please refer to TrendMicro\u0027s website.\r\n\r\nCCC Cleaner is affected by this vulnerability only when the following file is contained in the \"CCC Cleaner\" folder.\r\n\r\nFilenames:  lpt$vpn.185\r\n\r\nAs of February 13, 2006, Trend Micro has announced that the vulnerability \"the Anti-Rootkit Common Module (TmComm.sys)\" disclosed on February 11, 2006 does not affect CCC Cleaner.  For more information, refer to the vendor\u0027s website.",
  "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000135.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:misc:ccc_cleaner",
      "@product": "CCC Cleaner",
      "@vendor": "Cyber Clean Center",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:anti-spyware_for_consumer",
      "@product": "Trend Micro Anti-Spyware for Consumer",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:anti-spyware_for_enterprise",
      "@product": "Trend Micro Anti-Spyware for Enterprise",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:anti-spyware_for_smb",
      "@product": "Trend Micro Anti-Spyware for SMB",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:antivirus",
      "@product": "Trend Micro Antivirus",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:business_security",
      "@product": "Worry-Free Business Security",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:client_server_messaging_security_for_smb",
      "@product": "Client / Server / Messaging Security for SMB",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:damage_cleanup_services",
      "@product": "Damage Cleanup Services",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:pc_cillin_internet_security",
      "@product": "Trend Micro PC Cillin Internet Security",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:rootkit_provision_module_tmcomm.sys",
      "@product": "Rootkit Provision Module (TmComm.sys)",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:virus_baster",
      "@product": "Virus Baster",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "5.4",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2007-000135",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN77366274/index.html",
      "@id": "JVN#77366274",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0856",
      "@id": "CVE-2007-0856",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0856",
      "@id": "CVE-2007-0856",
      "@source": "NVD"
    },
    {
      "#text": "http://www.kb.cert.org/vuls/id/282240",
      "@id": "VU#282240",
      "@source": "CERT-VN"
    },
    {
      "#text": "http://www.kb.cert.org/vuls/id/666800",
      "@id": "VU#666800",
      "@source": "CERT-VN"
    },
    {
      "#text": "http://secunia.com/advisories/24069/",
      "@id": "SA24069",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/22448",
      "@id": "22448",
      "@source": "BID"
    },
    {
      "#text": "http://xforce.iss.net/xforce/xfdb/32353",
      "@id": "32353",
      "@source": "XF"
    },
    {
      "#text": "http://www.securitytracker.com/id?1017604",
      "@id": "1017604",
      "@source": "SECTRACK"
    },
    {
      "#text": "http://www.securitytracker.com/id?1017605",
      "@id": "1017605",
      "@source": "SECTRACK"
    },
    {
      "#text": "http://www.securitytracker.com/id?1017606",
      "@id": "1017606",
      "@source": "SECTRACK"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2007/0521",
      "@id": "FrSIRT/ADV-2007-0521",
      "@source": "FRSIRT"
    }
  ],
  "title": "CCC Cleaner buffer overflow vulnerability"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.