VAR-200712-0223
Vulnerability from variot - Updated: 2022-05-04 08:59Stack-based buffer overflow in PccScan.dll before build 1451 in Trend Micro AntiVirus plus AntiSpyware 2008, Internet Security 2008, and Internet Security Pro 2008 allows user-assisted remote attackers to cause a denial of service (SfCtlCom.exe crash), and allows local users to gain privileges, via a malformed .zip archive with a long name, as demonstrated by a .zip file created via format string specifiers in a crafted .uue file. Trend Micro Antivirus Plus Antispyware is prone to a denial-of-service vulnerability.
2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published
How do you know which Secunia advisories are important to you?
The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively.
The vulnerability is caused due to a boundary error within PccScan.dll when decoding UUE files and can be exploited to cause a buffer overflow via a specially crafted UUE file.
NOTE: The vendor's advisory states that the vulnerability is caused due to a format-string error when handling certain fields of a UUE file during decoding. It is not clear if this is a separate vulnerability. http://solutionfile.trendmicro.com/solutionfile/1036464/EN/tis_160_win_en_patch_pccscan1451.exe
PROVIDED AND/OR DISCOVERED BY: Sowhat, Nevis Labs
ORIGINAL ADVISORY: Trend Micro: http://esupport.trendmicro.com/support/viewxml.do?ContentID=1036464
Sowhat: http://secway.org/advisory/AD20071211.txt
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200712-0223",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "antivirus plus antispyware",
"scope": "eq",
"trust": 2.4,
"vendor": "trend micro",
"version": "2008"
},
{
"model": "internet security virus bust",
"scope": "eq",
"trust": 1.6,
"vendor": "trend micro",
"version": "2008"
},
{
"model": "internet security pro",
"scope": "eq",
"trust": 1.0,
"vendor": "trend micro",
"version": "*"
},
{
"model": "internet security virus bust",
"scope": null,
"trust": 0.8,
"vendor": "trend micro",
"version": null
},
{
"model": "internet security pro",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "2008"
},
{
"model": "internet security pro",
"scope": null,
"trust": 0.6,
"vendor": "trend micro",
"version": null
},
{
"model": "internet security pro",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "0"
},
{
"model": "internet security virus bust bld",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "20081451"
},
{
"model": "antivirus plus antispyware bld",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "20081450"
}
],
"sources": [
{
"db": "BID",
"id": "81509"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-006431"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-158"
},
{
"db": "NVD",
"id": "CVE-2007-6386"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:trend_micro:trend_micro_antivirus_plus_antispyware:2008:bld_1450:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:trend_micro:trend_micro_internet_security__virus_bust:2008:bld_1451:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:trend_micro:trend_micro_internet_security_pro:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-6386"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "81509"
}
],
"trust": 0.3
},
"cve": "CVE-2007-6386",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2007-6386",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 1.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-6386",
"trust": 1.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200712-158",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-006431"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-158"
},
{
"db": "NVD",
"id": "CVE-2007-6386"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in PccScan.dll before build 1451 in Trend Micro AntiVirus plus AntiSpyware 2008, Internet Security 2008, and Internet Security Pro 2008 allows user-assisted remote attackers to cause a denial of service (SfCtlCom.exe crash), and allows local users to gain privileges, via a malformed .zip archive with a long name, as demonstrated by a .zip file created via format string specifiers in a crafted .uue file. Trend Micro Antivirus Plus Antispyware is prone to a denial-of-service vulnerability. \n\n----------------------------------------------------------------------\n\n2003: 2,700 advisories published\n2004: 3,100 advisories published\n2005: 4,600 advisories published\n2006: 5,300 advisories published\n\nHow do you know which Secunia advisories are important to you?\n\nThe Secunia Vulnerability Intelligence Solutions allows you to filter\nand structure all the information you need, so you can address issues\neffectively. \n\nThe vulnerability is caused due to a boundary error within\nPccScan.dll when decoding UUE files and can be exploited to cause a\nbuffer overflow via a specially crafted UUE file. \n\nNOTE: The vendor\u0027s advisory states that the vulnerability is caused\ndue to a format-string error when handling certain fields of a UUE\nfile during decoding. It is not clear if this is a separate\nvulnerability. \nhttp://solutionfile.trendmicro.com/solutionfile/1036464/EN/tis_160_win_en_patch_pccscan1451.exe\n\nPROVIDED AND/OR DISCOVERED BY:\nSowhat, Nevis Labs\n\nORIGINAL ADVISORY:\nTrend Micro:\nhttp://esupport.trendmicro.com/support/viewxml.do?ContentID=1036464\n\nSowhat:\nhttp://secway.org/advisory/AD20071211.txt\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-6386"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-006431"
},
{
"db": "BID",
"id": "81509"
},
{
"db": "PACKETSTORM",
"id": "61785"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-6386",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1019079",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "28038",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "39770",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "39769",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2007-4191",
"trust": 1.6
},
{
"db": "XF",
"id": "38982",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2007-006431",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200712-158",
"trust": 0.6
},
{
"db": "BID",
"id": "81509",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "61785",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "81509"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-006431"
},
{
"db": "PACKETSTORM",
"id": "61785"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-158"
},
{
"db": "NVD",
"id": "CVE-2007-6386"
}
]
},
"id": "VAR-200712-0223",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2022-05-04T08:59:20.749000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.trendmicro.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-006431"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-006431"
},
{
"db": "NVD",
"id": "CVE-2007-6386"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://secway.org/advisory/ad20071211.txt"
},
{
"trust": 2.0,
"url": "http://esupport.trendmicro.com/support/viewxml.do?contentid=1036464"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1019079"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/28038"
},
{
"trust": 1.6,
"url": "http://osvdb.org/39770"
},
{
"trust": 1.6,
"url": "http://osvdb.org/39769"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/4191"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38982"
},
{
"trust": 0.9,
"url": "http://xforce.iss.net/xforce/xfdb/38982"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6386"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-6386"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/4191"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/16915/"
},
{
"trust": 0.1,
"url": "http://solutionfile.trendmicro.com/solutionfile/1036464/en/tis_160_win_en_patch_pccscan1451.exe"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/16917/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/16916/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/28038/"
}
],
"sources": [
{
"db": "BID",
"id": "81509"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-006431"
},
{
"db": "PACKETSTORM",
"id": "61785"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-158"
},
{
"db": "NVD",
"id": "CVE-2007-6386"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "81509"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-006431"
},
{
"db": "PACKETSTORM",
"id": "61785"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-158"
},
{
"db": "NVD",
"id": "CVE-2007-6386"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-12-14T00:00:00",
"db": "BID",
"id": "81509"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-006431"
},
{
"date": "2007-12-13T18:34:25",
"db": "PACKETSTORM",
"id": "61785"
},
{
"date": "2007-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200712-158"
},
{
"date": "2007-12-15T02:46:00",
"db": "NVD",
"id": "CVE-2007-6386"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-12-14T00:00:00",
"db": "BID",
"id": "81509"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-006431"
},
{
"date": "2007-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200712-158"
},
{
"date": "2017-08-08T01:29:00",
"db": "NVD",
"id": "CVE-2007-6386"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "81509"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-158"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Trend Micro AntiVirus Such as PccScan.dll Vulnerable to stack-based buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-006431"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200712-158"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…