Vulnerabilites related to trend_micro - pc-cillin_internet_security
CVE-2007-0851 (GCVE-0-2007-0851)
Vulnerability from cvelistv5
Published
2007-02-08 18:00
Modified
2024-08-07 12:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.122Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017601",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017601"
},
{
"name": "22449",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22449"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289"
},
{
"name": "1017603",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017603"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.jpcert.or.jp/at/2007/at070004.txt"
},
{
"name": "24087",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24087"
},
{
"name": "33038",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33038"
},
{
"name": "ADV-2007-0522",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0522"
},
{
"name": "JVN#77366274",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2377366274/index.html"
},
{
"name": "VU#276432",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/276432"
},
{
"name": "20070208 Trend Micro AntiVirus UPX Parsing Kernel Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470"
},
{
"name": "antivirus-upx-bo(32352)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32352"
},
{
"name": "ADV-2007-0569",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0569"
},
{
"name": "1017602",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017602"
},
{
"name": "24128",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24128"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017601",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017601"
},
{
"name": "22449",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22449"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289"
},
{
"name": "1017603",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017603"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.jpcert.or.jp/at/2007/at070004.txt"
},
{
"name": "24087",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24087"
},
{
"name": "33038",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33038"
},
{
"name": "ADV-2007-0522",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0522"
},
{
"name": "JVN#77366274",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2377366274/index.html"
},
{
"name": "VU#276432",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/276432"
},
{
"name": "20070208 Trend Micro AntiVirus UPX Parsing Kernel Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470"
},
{
"name": "antivirus-upx-bo(32352)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32352"
},
{
"name": "ADV-2007-0569",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0569"
},
{
"name": "1017602",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017602"
},
{
"name": "24128",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24128"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0851",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017601",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017601"
},
{
"name": "22449",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22449"
},
{
"name": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289",
"refsource": "CONFIRM",
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289"
},
{
"name": "1017603",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017603"
},
{
"name": "http://www.jpcert.or.jp/at/2007/at070004.txt",
"refsource": "MISC",
"url": "http://www.jpcert.or.jp/at/2007/at070004.txt"
},
{
"name": "24087",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24087"
},
{
"name": "33038",
"refsource": "OSVDB",
"url": "http://osvdb.org/33038"
},
{
"name": "ADV-2007-0522",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0522"
},
{
"name": "JVN#77366274",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2377366274/index.html"
},
{
"name": "VU#276432",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/276432"
},
{
"name": "20070208 Trend Micro AntiVirus UPX Parsing Kernel Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470"
},
{
"name": "antivirus-upx-bo(32352)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32352"
},
{
"name": "ADV-2007-0569",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0569"
},
{
"name": "1017602",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017602"
},
{
"name": "24128",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24128"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0851",
"datePublished": "2007-02-08T18:00:00",
"dateReserved": "2007-02-08T00:00:00",
"dateUpdated": "2024-08-07T12:34:21.122Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0856 (GCVE-0-2007-0856)
Vulnerability from cvelistv5
Published
2007-02-08 18:00
Modified
2024-08-07 12:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (RCM), with the VsapiNI.sys 3.320.0.1003 scan engine, as used in Trend Micro PC-cillin Internet Security 2007, Antivirus 2007, Anti-Spyware for SMB 3.2 SP1, Anti-Spyware for Consumer 3.5, Anti-Spyware for Enterprise 3.0 SP2, Client / Server / Messaging Security for SMB 3.5, Damage Cleanup Services 3.2, and possibly other products, assigns Everyone write permission for the \\.\TmComm DOS device interface, which allows local users to access privileged IOCTLs and execute arbitrary code or overwrite arbitrary memory in the kernel context.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.205Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070207 Trend Micro TmComm Local Privilege Escalation Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=469"
},
{
"name": "1017604",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017604"
},
{
"name": "22448",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22448"
},
{
"name": "24069",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24069"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034432\u0026id=EN-1034432"
},
{
"name": "VU#666800",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/666800"
},
{
"name": "1017605",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017605"
},
{
"name": "ADV-2007-0521",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0521"
},
{
"name": "trendmicro-tmcomm-privilege-escalation(32353)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32353"
},
{
"name": "1017606",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017606"
},
{
"name": "33039",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33039"
},
{
"name": "VU#282240",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/282240"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (RCM), with the VsapiNI.sys 3.320.0.1003 scan engine, as used in Trend Micro PC-cillin Internet Security 2007, Antivirus 2007, Anti-Spyware for SMB 3.2 SP1, Anti-Spyware for Consumer 3.5, Anti-Spyware for Enterprise 3.0 SP2, Client / Server / Messaging Security for SMB 3.5, Damage Cleanup Services 3.2, and possibly other products, assigns Everyone write permission for the \\\\.\\TmComm DOS device interface, which allows local users to access privileged IOCTLs and execute arbitrary code or overwrite arbitrary memory in the kernel context."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070207 Trend Micro TmComm Local Privilege Escalation Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=469"
},
{
"name": "1017604",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017604"
},
{
"name": "22448",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22448"
},
{
"name": "24069",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24069"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034432\u0026id=EN-1034432"
},
{
"name": "VU#666800",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/666800"
},
{
"name": "1017605",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017605"
},
{
"name": "ADV-2007-0521",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0521"
},
{
"name": "trendmicro-tmcomm-privilege-escalation(32353)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32353"
},
{
"name": "1017606",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017606"
},
{
"name": "33039",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33039"
},
{
"name": "VU#282240",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/282240"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0856",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (RCM), with the VsapiNI.sys 3.320.0.1003 scan engine, as used in Trend Micro PC-cillin Internet Security 2007, Antivirus 2007, Anti-Spyware for SMB 3.2 SP1, Anti-Spyware for Consumer 3.5, Anti-Spyware for Enterprise 3.0 SP2, Client / Server / Messaging Security for SMB 3.5, Damage Cleanup Services 3.2, and possibly other products, assigns Everyone write permission for the \\\\.\\TmComm DOS device interface, which allows local users to access privileged IOCTLs and execute arbitrary code or overwrite arbitrary memory in the kernel context."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070207 Trend Micro TmComm Local Privilege Escalation Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=469"
},
{
"name": "1017604",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017604"
},
{
"name": "22448",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22448"
},
{
"name": "24069",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24069"
},
{
"name": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034432\u0026id=EN-1034432",
"refsource": "CONFIRM",
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034432\u0026id=EN-1034432"
},
{
"name": "VU#666800",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/666800"
},
{
"name": "1017605",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017605"
},
{
"name": "ADV-2007-0521",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0521"
},
{
"name": "trendmicro-tmcomm-privilege-escalation(32353)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32353"
},
{
"name": "1017606",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017606"
},
{
"name": "33039",
"refsource": "OSVDB",
"url": "http://osvdb.org/33039"
},
{
"name": "VU#282240",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/282240"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0856",
"datePublished": "2007-02-08T18:00:00",
"dateReserved": "2007-02-08T00:00:00",
"dateUpdated": "2024-08-07T12:34:21.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2007-02-08 18:28
Modified
2025-04-09 00:30
Severity ?
Summary
Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289 | Patch, Vendor Advisory | |
| cve@mitre.org | http://jvn.jp/jp/JVN%2377366274/index.html | ||
| cve@mitre.org | http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470 | Patch, Vendor Advisory | |
| cve@mitre.org | http://osvdb.org/33038 | ||
| cve@mitre.org | http://secunia.com/advisories/24087 | Patch, Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/24128 | ||
| cve@mitre.org | http://securitytracker.com/id?1017601 | Patch, Vendor Advisory | |
| cve@mitre.org | http://securitytracker.com/id?1017602 | ||
| cve@mitre.org | http://securitytracker.com/id?1017603 | ||
| cve@mitre.org | http://www.jpcert.or.jp/at/2007/at070004.txt | ||
| cve@mitre.org | http://www.kb.cert.org/vuls/id/276432 | US Government Resource | |
| cve@mitre.org | http://www.securityfocus.com/bid/22449 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2007/0522 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2007/0569 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/32352 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://jvn.jp/jp/JVN%2377366274/index.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/33038 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/24087 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/24128 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1017601 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1017602 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1017603 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.jpcert.or.jp/at/2007/at070004.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/276432 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/22449 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/0522 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/0569 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/32352 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | client-server-messaging_suite_smb | gold | |
| trend_micro | client-server_suite_smb | gold | |
| trend_micro | control_manager | 2.5.0 | |
| trend_micro | control_manager | 3.5 | |
| trend_micro | control_manager | gold | |
| trend_micro | control_manager | gold | |
| trend_micro | control_manager | gold | |
| trend_micro | control_manager | gold | |
| trend_micro | control_manager | gold | |
| trend_micro | control_manager | netware | |
| trend_micro | interscan_emanager | 3.5 | |
| trend_micro | interscan_emanager | 3.5.2 | |
| trend_micro | interscan_emanager | 3.6 | |
| trend_micro | interscan_emanager | 3.6 | |
| trend_micro | interscan_emanager | 3.51 | |
| trend_micro | interscan_emanager | 3.51_j | |
| trend_micro | interscan_messaging_security_suite | * | |
| trend_micro | interscan_messaging_security_suite | 3.81 | |
| trend_micro | interscan_messaging_security_suite | 5.5 | |
| trend_micro | interscan_messaging_security_suite | 5.5_build_1183 | |
| trend_micro | interscan_messaging_security_suite | gold | |
| trend_micro | interscan_messaging_security_suite | gold | |
| trend_micro | interscan_messaging_security_suite | gold | |
| trend_micro | interscan_viruswall | 3.0.1 | |
| trend_micro | interscan_viruswall | 3.0.1 | |
| trend_micro | interscan_viruswall | 3.1.0 | |
| trend_micro | interscan_viruswall | 3.2.3 | |
| trend_micro | interscan_viruswall | 3.3 | |
| trend_micro | interscan_viruswall | 3.6 | |
| trend_micro | interscan_viruswall | 3.6 | |
| trend_micro | interscan_viruswall | 3.6 | |
| trend_micro | interscan_viruswall | 3.6 | |
| trend_micro | interscan_viruswall | 3.6.0_build_1182 | |
| trend_micro | interscan_viruswall | 3.6.0_build1166 | |
| trend_micro | interscan_viruswall | 3.6.5 | |
| trend_micro | interscan_viruswall | 3.7.0 | |
| trend_micro | interscan_viruswall | 3.7.0_build1190 | |
| trend_micro | interscan_viruswall | 3.8.0_build1130 | |
| trend_micro | interscan_viruswall | 3.32 | |
| trend_micro | interscan_viruswall | 3.81 | |
| trend_micro | interscan_viruswall | 5.1 | |
| trend_micro | interscan_viruswall | gold | |
| trend_micro | interscan_viruswall | gold | |
| trend_micro | interscan_viruswall | gold | |
| trend_micro | interscan_viruswall | gold | |
| trend_micro | interscan_viruswall | gold | |
| trend_micro | interscan_viruswall_for_windows_nt | 3.4 | |
| trend_micro | interscan_viruswall_for_windows_nt | 3.5 | |
| trend_micro | interscan_viruswall_for_windows_nt | 3.6 | |
| trend_micro | interscan_viruswall_for_windows_nt | 3.51 | |
| trend_micro | interscan_viruswall_for_windows_nt | 3.52 | |
| trend_micro | interscan_viruswall_for_windows_nt | 3.52_build1466 | |
| trend_micro | interscan_viruswall_for_windows_nt | 5.1.0 | |
| trend_micro | interscan_viruswall_scan_engine | 7.510.0-1002 | |
| trend_micro | interscan_web_security_suite | * | |
| trend_micro | interscan_web_security_suite | * | |
| trend_micro | interscan_web_security_suite | gold | |
| trend_micro | interscan_web_security_suite | gold | |
| trend_micro | interscan_web_security_suite | gold | |
| trend_micro | interscan_webmanager | 1.2 | |
| trend_micro | interscan_webmanager | 2.0 | |
| trend_micro | interscan_webmanager | 2.1 | |
| trend_micro | interscan_webprotect | gold | |
| trend_micro | officescan | 3.0 | |
| trend_micro | officescan | 4.5.0 | |
| trend_micro | officescan | 7.3 | |
| trend_micro | officescan | corporate_3.0 | |
| trend_micro | officescan | corporate_3.1.1 | |
| trend_micro | officescan | corporate_3.5 | |
| trend_micro | officescan | corporate_3.5 | |
| trend_micro | officescan | corporate_3.11 | |
| trend_micro | officescan | corporate_3.11 | |
| trend_micro | officescan | corporate_3.13 | |
| trend_micro | officescan | corporate_3.13 | |
| trend_micro | officescan | corporate_3.54 | |
| trend_micro | officescan | corporate_5.02 | |
| trend_micro | officescan | corporate_5.5 | |
| trend_micro | officescan | corporate_5.58 | |
| trend_micro | officescan | corporate_6.5 | |
| trend_micro | officescan | corporate_7.0 | |
| trend_micro | officescan | corporate_7.3 | |
| trend_micro | pc-cillin | 6.0 | |
| trend_micro | pc-cillin | 2000 | |
| trend_micro | pc-cillin | 2002 | |
| trend_micro | pc-cillin | 2003 | |
| trend_micro | pc-cillin | 2005 | |
| trend_micro | pc-cillin | 2006 | |
| trend_micro | pc-cillin_internet_security | 14_14.00.1485 | |
| trend_micro | pc-cillin_internet_security | 2005_12.0.0_0_build_1244 | |
| trend_micro | pc-cillin_internet_security | 2006_14.10.0.1023 | |
| trend_micro | pc-cillin_internet_security | 2007 | |
| trend_micro | pc_cillin_-_internet_security_2006 | * | |
| trend_micro | portalprotect | 1.0 | |
| trend_micro | portalprotect | 1.2 | |
| trend_micro | scanmail | 1.0.0 | |
| trend_micro | scanmail | 2.6 | |
| trend_micro | scanmail | 2.51 | |
| trend_micro | scanmail | 3.8 | |
| trend_micro | scanmail | 3.81 | |
| trend_micro | scanmail | 6.1 | |
| trend_micro | scanmail | gold | |
| trend_micro | scanmail | gold | |
| trend_micro | scanmail | gold | |
| trend_micro | scanmail | gold | |
| trend_micro | scanmail | gold | |
| trend_micro | scanmail_emanager | * | |
| trend_micro | scanning_engine | 7.1.0 | |
| trend_micro | serverprotect | 5.3.1 | |
| trend_micro | serverprotect | 5.5.8 | |
| trend_micro | serverprotect | 5.58 | |
| trend_micro | serverprotect | 5.58 | |
| trend_micro | serverprotect | linux | |
| trend_micro | serverprotect | linux_1.2.0 | |
| trend_micro | serverprotect | novell_netware | |
| trend_micro | serverprotect | windows | |
| trend_micro | viruswall | 3.0.1 | |
| trend_micro | web_security_suite | 1.2.0 | |
| trend_micro | webprotect | 3.1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:client-server-messaging_suite_smb:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "8C9AAAD5-E973-41CB-B7FD-85D1EA04F6D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:client-server_suite_smb:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "664CD81D-30AD-450B-A9FF-7C0FC61C938A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "068639F9-89E0-4B19-9E24-550087080419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4801FB64-FFC4-4167-9855-69EB8A424EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:as_400:*:*:*:*:*",
"matchCriteriaId": "CEEC709C-CE2F-435D-8595-3B7462F5D58A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:s_390:*:*:*:*:*",
"matchCriteriaId": "416653F7-D8D5-4947-A097-8E1298DD0FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:solaris:*:*:*:*:*",
"matchCriteriaId": "0416D605-20FC-4C87-8009-C240530A1B13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "4FFD939A-C783-4A02-9859-B823A57F8A5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "723E2C95-124F-422F-A241-AECA1D5E0D0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:netware:*:*:*:*:*:*:*",
"matchCriteriaId": "2A63C770-365B-4EAF-AF4B-1B379F943DF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.5:*:hp:*:*:*:*:*",
"matchCriteriaId": "9D2CAA96-4C71-482B-A033-E4AD0814C638",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.5.2:*:windows:*:*:*:*:*",
"matchCriteriaId": "0DEAD496-BB59-464D-9BBA-29158CF65C35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.6:*:linux:*:*:*:*:*",
"matchCriteriaId": "8767F042-4333-404A-B7D7-6830B6959890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.6:*:sun:*:*:*:*:*",
"matchCriteriaId": "C02396DD-CFBF-4019-8AC7-9C41821AF8E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.51:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF73278-A5E9-4975-9C0B-DD9413A33FA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.51_j:*:*:*:*:*:*:*",
"matchCriteriaId": "A7F86817-D352-452E-B80F-1402C8A76372",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:*:*:linux_5.1.1:*:*:*:*:*",
"matchCriteriaId": "0D03DBA4-3F2D-433A-8D17-01B4D7E16EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:3.81:*:*:*:*:*:*:*",
"matchCriteriaId": "4086086F-4F57-4E73-B473-FFF33CD23F6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0F1E2358-2868-4D95-A783-0D7A591A691C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:5.5_build_1183:*:*:*:*:*:*:*",
"matchCriteriaId": "E4587F87-E033-4636-9B61-18D1A7AA54D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:linux:*:*:*:*:*",
"matchCriteriaId": "7E8ADD8C-2E58-4671-BECF-B02A5DE04A1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:solaris:*:*:*:*:*",
"matchCriteriaId": "4CD5D110-5FA3-4F6C-A727-06A73676EC9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "CD824873-B625-4755-ADC9-C6657CD63208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.0.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "E4B9603D-79FE-4E7C-A9F9-E9A24FBBDF3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.0.1:*:unix:*:*:*:*:*",
"matchCriteriaId": "475CED59-77F7-4E6B-8DB6-EFFC7F8D5929",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.1.0:*:linux:*:*:*:*:*",
"matchCriteriaId": "29DA2B3D-D055-4328-8AD3-B5B407B17328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D948171A-3B54-462A-8B2E-2C0266A37E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9D4E2E-889B-4233-8887-9CF00A5023A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F35126E8-F926-4C0B-B37F-AFE78DD2526F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:hp_ux:*:*:*:*:*",
"matchCriteriaId": "106EB780-7455-41F7-ADB0-67C541F6C53F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:solaris:*:*:*:*:*",
"matchCriteriaId": "A9EB55C4-00FB-4D2F-993D-27269F09CF08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "D9AE5039-8467-48C2-8417-E7B18A48F0D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6.0_build_1182:*:*:*:*:*:*:*",
"matchCriteriaId": "DA820000-7608-4E3B-A05D-0C3CFC35227C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6.0_build1166:*:*:*:*:*:*:*",
"matchCriteriaId": "20349641-1EAD-4401-996F-15C131574F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6.5:*:linux:*:*:*:*:*",
"matchCriteriaId": "82425C25-4464-4C69-A7C9-6B7369661E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA147F1-224C-4230-9831-5EB153748793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.7.0_build1190:*:*:*:*:*:*:*",
"matchCriteriaId": "E2417050-7F5A-4702-A6F5-DFEFE96CCD78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.8.0_build1130:*:*:*:*:*:*:*",
"matchCriteriaId": "5B9F63FB-7B5F-49AF-BC84-B3250A08720A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.32:*:*:*:*:*:*:*",
"matchCriteriaId": "2F72A6DE-BA1B-4907-B19D-D71B172BB249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.81:*:linux:*:*:*:*:*",
"matchCriteriaId": "37ECAEF4-8A0D-4B90-8E4A-62BA72DAA702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:5.1:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "25D7EFC1-4053-46E9-9081-3BBAB0300C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:aix:*:*:*:*:*",
"matchCriteriaId": "8B678239-DD77-488C-82FE-27D6FC47B94A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:linux_for_smb:*:*:*:*:*",
"matchCriteriaId": "071EDC78-C902-4D79-8CDF-F5DD30BF7027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:smb:*:*:*:*:*",
"matchCriteriaId": "55C6BD67-FE95-43A7-91F7-608DEC79C24A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "29EDFC0F-687B-4B56-8910-67C6E3907483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:windows_nt_for_smb:*:*:*:*:*",
"matchCriteriaId": "5A694256-BD24-4EED-9833-B15DCA874F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2F81C82F-4997-4D4E-981B-F1601A8AD281",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3120FB-140A-458B-8926-7FE3593331FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B9239FE6-7FE3-4013-8E73-DE648F24EFEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.51:*:*:*:*:*:*:*",
"matchCriteriaId": "12023885-3D72-4CE4-B60F-F91EEE0C9153",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.52:*:*:*:*:*:*:*",
"matchCriteriaId": "0B132F48-3C0D-4DC9-9255-BB2D1CEBF855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.52_build1466:*:*:*:*:*:*:*",
"matchCriteriaId": "772DC29B-9C2C-4446-9352-6707E6B6F08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3079D9E-853D-46D3-92E8-E125CC800DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_scan_engine:7.510.0-1002:*:*:*:*:*:*:*",
"matchCriteriaId": "D5ADC38A-3C58-42B3-9396-0D7B14EA0B59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:*:*:linux:*:*:*:*:*",
"matchCriteriaId": "1DC6D16A-3D1C-4AA6-B039-BFF5BEE64693",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:*:*:linux_1.0.0_ja:*:*:*:*:*",
"matchCriteriaId": "110A575E-761B-4DD7-B4BE-B9AD22C85213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:linux:*:*:*:*:*",
"matchCriteriaId": "1DCB7541-8145-47CA-9F4E-4A600CA454EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:solaris:*:*:*:*:*",
"matchCriteriaId": "DB8B2F17-7C2B-4782-9492-D967A2AD8B3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "D1E65854-8869-41F7-BAFE-B7545FC98BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webmanager:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B1C33920-9BC7-41BC-BB66-723D0BAF2839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webmanager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A73B43D9-A721-4D48-A2D6-48A77355965F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webmanager:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F3645D-2B7D-44ED-83DE-ABF9016CD0D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webprotect:gold:*:isa:*:*:*:*:*",
"matchCriteriaId": "921B617D-F37E-4D10-A627-09F9678790B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:3.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4013BF7E-DE8F-4941-BF15-D17C8C88DB78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:4.5.0:*:microsof_sbs:*:*:*:*:*",
"matchCriteriaId": "11302ED5-C1AB-40D0-B019-A85C43E362D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "38BD1ADE-408F-45D0-BD0B-FBC83ED976F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.0:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "093EED07-F4C1-47B2-9D08-3DE0D57D5CA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.1.1:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "CBA9F2BA-1274-465C-B723-ABB54CA17FE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BE60F5D9-35D0-4D0E-85D1-EE71E533622F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.5:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "6F37307A-7847-4D5A-99D8-8A4BE424CD21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BF74A292-2B1B-43FC-AA82-CFB04D7644E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.11:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "925DA405-9719-452C-8369-D4A60CC916C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "46575AE8-8718-44D8-AF5C-14F7981B3238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.13:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "F893D171-7AB3-4422-BA86-021B0211EE36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.54:*:*:*:*:*:*:*",
"matchCriteriaId": "A79FBAAA-D6B8-4A05-B8E1-D7549207EA5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D6CE3BB4-54BA-48DE-9CFC-C2241D99DA67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F25D89-826B-4FA0-AA8F-CD729F00F9BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE87037-D7CC-480B-BBD2-F1802294D4F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB43A95-60F8-425A-8434-C07EC799DC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "567D7B70-7FE7-4C4F-8D09-C72E28F04FF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "78CDE85D-4C4B-42D0-BF64-11E880168A83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBAA86F-8DE4-4BC8-B295-89CF981C28D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2000:*:*:*:*:*:*:*",
"matchCriteriaId": "9994E64C-0E8C-4A9C-A321-6A73A16E33AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2002:*:*:*:*:*:*:*",
"matchCriteriaId": "A65282E0-2332-4CAA-9BA9-3794C2CDE960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "E56D571B-649D-41E2-A502-6C1EBAB73F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "E455A061-A34B-4AB7-88C7-222DB08BED08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "6EB1055E-31AA-44DE-A74C-8678A0C268C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin_internet_security:14_14.00.1485:*:*:*:*:*:*:*",
"matchCriteriaId": "408D7C07-D6CF-4722-AB74-70DE7C114FC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin_internet_security:2005_12.0.0_0_build_1244:*:*:*:*:*:*:*",
"matchCriteriaId": "26DA917A-B842-40E7-B3A1-8546ADBB401C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin_internet_security:2006_14.10.0.1023:*:*:*:*:*:*:*",
"matchCriteriaId": "83C3D9AE-690A-4ACE-B6A2-E83F1B7C5507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "F945B425-D79F-4B5F-A588-5DCDCFB87B06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc_cillin_-_internet_security_2006:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D237983-725B-43B5-B733-D25397A846C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:portalprotect:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C991F564-93D1-4E63-8B71-B0C9CD9BECA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:portalprotect:1.2:*:sharepoint:*:*:*:*:*",
"matchCriteriaId": "1F34805C-1602-45F7-8C03-D585D2F44594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "71DAD29C-23D7-45C0-8B1B-AD9CD260EAE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:2.6:*:domino:*:*:*:*:*",
"matchCriteriaId": "195D657C-4A4B-4832-B1A6-056FB990401E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:2.51:*:domino:*:*:*:*:*",
"matchCriteriaId": "929BCF43-AC3A-43D0-8819-7673996D216D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:3.8:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "3BFF861D-F544-4902-A958-BE566FB85738",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:3.81:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "3B282BE2-8116-48A7-B6D6-544983FF72C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:6.1:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "C81AFD13-0883-48F5-BD6B-707CFFE07262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_aix:*:*:*:*:*",
"matchCriteriaId": "B4963C96-FA13-4E54-8EE3-8E169CACBF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_as_400:*:*:*:*:*",
"matchCriteriaId": "C3E0300A-27F7-47C1-B725-55FF0BE92FF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_s_390:*:*:*:*:*",
"matchCriteriaId": "FF365F03-F95C-4047-BBA4-42EBD02E823B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_solaris:*:*:*:*:*",
"matchCriteriaId": "A2042D38-CF77-4149-9289-B3380F59D794",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_windows:*:*:*:*:*",
"matchCriteriaId": "D275C0DB-E942-4EB9-B6AA-3112C1A697DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail_emanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4CE79B6-B9E8-4775-B7BF-90C2758EECE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanning_engine:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB5BDA1-06D4-49B9-99CD-F8B67A5EB895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "38695C1D-DC51-45EB-9EEB-6E04490AFE6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7ACC41-E475-4770-B446-4B41EE008A26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "BE7E0AA8-220E-4E20-9FF0-95C22664AFA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:windows:*:*:*:*:*",
"matchCriteriaId": "5E2F6774-B29F-47E6-8E50-8CF4D9AB3EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:linux:*:*:*:*:*:*:*",
"matchCriteriaId": "7EB7A187-75F5-41B5-A6A9-2C28AC5F0F98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:linux_1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42A4608B-A7E7-4217-8F88-C12E9DEC9C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:novell_netware:*:*:*:*:*:*:*",
"matchCriteriaId": "2C1B8E24-4A28-4110-8DF4-72A5D19FAEAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:windows:*:*:*:*:*:*:*",
"matchCriteriaId": "7B0BE038-C7F1-45FE-BE54-3D4245B3F060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:viruswall:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1ABCB699-614A-45A5-B906-7650BB32EA29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:web_security_suite:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96D764CC-3574-4D95-8EA2-2C02F36EF133",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:webprotect:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "21F178A5-CEAF-407F-BDE1-2328A4B959A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en Trend Micro Scan Engine versiones 8.000 y 8.300 anteriores al archivo de patrones de virus versi\u00f3n 4.245.00, tal y como es usado en otros productos como Cyber Clean Center (CCC) Cleaner, permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un ejecutable comprimido UPX malformado."
}
],
"evaluatorImpact": "Failed exploit attempts will likely cause a denial-of-service condition.",
"id": "CVE-2007-0851",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-02-08T18:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289"
},
{
"source": "cve@mitre.org",
"url": "http://jvn.jp/jp/JVN%2377366274/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/33038"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24087"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24128"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1017601"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017602"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017603"
},
{
"source": "cve@mitre.org",
"url": "http://www.jpcert.or.jp/at/2007/at070004.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/276432"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/22449"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0522"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0569"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/jp/JVN%2377366274/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/33038"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24128"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1017601"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017603"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.jpcert.or.jp/at/2007/at070004.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/276432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/22449"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0522"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0569"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32352"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-02-08 18:28
Modified
2025-04-09 00:30
Severity ?
Summary
TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (RCM), with the VsapiNI.sys 3.320.0.1003 scan engine, as used in Trend Micro PC-cillin Internet Security 2007, Antivirus 2007, Anti-Spyware for SMB 3.2 SP1, Anti-Spyware for Consumer 3.5, Anti-Spyware for Enterprise 3.0 SP2, Client / Server / Messaging Security for SMB 3.5, Damage Cleanup Services 3.2, and possibly other products, assigns Everyone write permission for the \\.\TmComm DOS device interface, which allows local users to access privileged IOCTLs and execute arbitrary code or overwrite arbitrary memory in the kernel context.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034432&id=EN-1034432 | Patch | |
| cve@mitre.org | http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=469 | Vendor Advisory | |
| cve@mitre.org | http://osvdb.org/33039 | ||
| cve@mitre.org | http://secunia.com/advisories/24069 | Patch, Vendor Advisory | |
| cve@mitre.org | http://securitytracker.com/id?1017604 | ||
| cve@mitre.org | http://securitytracker.com/id?1017605 | ||
| cve@mitre.org | http://securitytracker.com/id?1017606 | ||
| cve@mitre.org | http://www.kb.cert.org/vuls/id/282240 | US Government Resource | |
| cve@mitre.org | http://www.kb.cert.org/vuls/id/666800 | US Government Resource | |
| cve@mitre.org | http://www.securityfocus.com/bid/22448 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2007/0521 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/32353 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034432&id=EN-1034432 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=469 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/33039 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/24069 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1017604 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1017605 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1017606 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/282240 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/666800 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/22448 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/0521 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/32353 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | client-server-messaging_security | 3.5 | |
| trend_micro | damage_cleanup_services | 3.2 | |
| trend_micro | pc-cillin_internet_security | 2007 | |
| trend_micro | tmcomm.sys | 1.5.1052 | |
| trend_micro | trend_micro_antirootkit_common_module | * | |
| trend_micro | trend_micro_antispyware | 3.0_sp2 | |
| trend_micro | trend_micro_antispyware | 3.2_sp1 | |
| trend_micro | trend_micro_antispyware | 3.5 | |
| trend_micro | trend_micro_antivirus | 2007 | |
| trend_micro | vsapini.sys | 3.320.1003 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:client-server-messaging_security:3.5:*:smb:*:*:*:*:*",
"matchCriteriaId": "3FF0A426-B764-4660-AA76-7331940FFBD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:damage_cleanup_services:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B3B2FF-EEEA-4ABA-879A-0075B87DA29F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "F945B425-D79F-4B5F-A588-5DCDCFB87B06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:tmcomm.sys:1.5.1052:*:*:*:*:*:*:*",
"matchCriteriaId": "56B2A7AD-E243-4930-B00F-4A7680ED15D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:trend_micro_antirootkit_common_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EE4FA55-19D4-4B3E-82EE-52B7B0C5569D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:trend_micro_antispyware:3.0_sp2:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "BC5FF5AF-357B-48E0-A7CD-0CA04627DB77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:trend_micro_antispyware:3.2_sp1:*:smb:*:*:*:*:*",
"matchCriteriaId": "634E1211-C6DF-4ED6-BB13-00CEBC1BE72F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:trend_micro_antispyware:3.5:*:consumer:*:*:*:*:*",
"matchCriteriaId": "D24123B7-FFA7-4EDC-B15E-23A3020E2E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:trend_micro_antivirus:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "1B23B977-B617-4DB6-89FD-70A3F857A8D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:vsapini.sys:3.320.1003:*:*:*:*:*:*:*",
"matchCriteriaId": "E0DC6803-19FB-4E28-AF17-835B6E2C626D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (RCM), with the VsapiNI.sys 3.320.0.1003 scan engine, as used in Trend Micro PC-cillin Internet Security 2007, Antivirus 2007, Anti-Spyware for SMB 3.2 SP1, Anti-Spyware for Consumer 3.5, Anti-Spyware for Enterprise 3.0 SP2, Client / Server / Messaging Security for SMB 3.5, Damage Cleanup Services 3.2, and possibly other products, assigns Everyone write permission for the \\\\.\\TmComm DOS device interface, which allows local users to access privileged IOCTLs and execute arbitrary code or overwrite arbitrary memory in the kernel context."
},
{
"lang": "es",
"value": "TmComm.sys 1.5.0.1052 en el Trend Micro Anti-Rootkit Common Module (RCM), con el motor de b\u00fasqueda VsapiNI.sys 3.320.0.1003, como se usa en Trend Micro PC-cillin Internet Security 2007, Antivirus 2007, Anti-Spyware para SMB 3.2 SP1, Anti-Spyware para Consumer 3.5, Anti-Spyware para Enterprise 3.0 SP2, Client / Server / Messaging Security para SMB 3.5, Damage Cleanup Services 3.2, y posiblemente otros productos, asigna permisos de escritura para TODOS para la interfaz de dispositivo DOS \\\\.\\TmComm, que permite a usuarios locales acceder a IOCTLs privilegiadas y ejecutar c\u00f3digo de su elecci\u00f3n o sobre-escribir memoria de su elecci\u00f3n en el contexto Kernel."
}
],
"id": "CVE-2007-0856",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-02-08T18:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034432\u0026id=EN-1034432"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=469"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/33039"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24069"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017604"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017605"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017606"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/282240"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/666800"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/22448"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0521"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32353"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034432\u0026id=EN-1034432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/33039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24069"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017604"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017605"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/282240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/666800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/22448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32353"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}