TITLE: Trend Micro Products UPX Processing Denial of Service SECUNIA ADVISORY ID: SA24450
VERIFY ADVISORY: http://secunia.com/advisories/24450/ CRITICAL: Moderately critical IMPACT: DoS WHERE: >From remote SOFTWARE: Trend Micro Client Server Messaging Security for SMB 2.x http://secunia.com/product/13521/ Trend Micro Client Server Messaging Security for SMB 3.x http://secunia.com/product/13440/ Trend Micro Client Server Security for SMB 3.x http://secunia.com/product/13442/ Trend Micro InterScan AppletTrap 2.x http://secunia.com/product/63/ Trend Micro InterScan eManager 3.x http://secunia.com/product/62/ Trend Micro InterScan Messaging Security Suite 5.x http://secunia.com/product/61/ Trend Micro InterScan VirusWall 3.x http://secunia.com/product/60/ Trend Micro InterScan Web Security Suite 1.x http://secunia.com/product/4085/ Trend Micro InterScan Web Security Suite 2.x http://secunia.com/product/4086/ Trend Micro InterScan WebManager 2.x http://secunia.com/product/64/ Trend Micro OfficeScan Corporate Edition 3.x http://secunia.com/product/855/ Trend Micro InterScan WebProtect for ISA 3.x http://secunia.com/product/65/ Trend Micro OfficeScan Corporate Edition 5.x http://secunia.com/product/854/ Trend Micro OfficeScan Corporate Edition 6.x http://secunia.com/product/4323/ Trend Micro OfficeScan Corporate Edition 7.x http://secunia.com/product/5007/ Trend Micro PC-cillin 2000 http://secunia.com/product/851/ Trend Micro PC-cillin 2002 http://secunia.com/product/852/ Trend Micro PC-cillin 2003 http://secunia.com/product/853/ Trend Micro PC-cillin for Wireless 3.x http://secunia.com/product/8133/ Trend Micro PC-cillin Internet Security 2005 http://secunia.com/product/4708/ Trend Micro PC-cillin Internet Security 2006 / 14.x http://secunia.com/product/8828/ Trend Micro PC-cillin Internet Security 2007 http://secunia.com/product/13436/ Trend Micro PortalProtect for SharePoint 1.x http://secunia.com/product/4709/ Trend Micro ScanMail eManager 3.x http://secunia.com/product/68/ Trend Micro ScanMail eManager 5.x http://secunia.com/product/4710/ Trend Micro ScanMail for Lotus Notes 2.x http://secunia.com/product/1021/ Trend Micro ScanMail for Lotus Notes 3.x http://secunia.com/product/4711/ Trend Micro ScanMail for Microsoft Exchange 3.x http://secunia.com/product/66/ Trend Micro ScanMail for Microsoft Exchange 6.x http://secunia.com/product/67/ Trend Micro ScanMail for Microsoft Exchange 7.x http://secunia.com/product/8046/ Trend Micro ScanMail for Openmail 2.x http://secunia.com/product/1022/ Trend Micro ServerProtect for EMC Celerra 5.x http://secunia.com/product/13528/ Trend Micro ServerProtect for Linux 1.x http://secunia.com/product/4712/ Trend Micro ServerProtect for Linux 2.x http://secunia.com/product/13531/ Trend Micro ServerProtect for Network Appliance Filer 5.x http://secunia.com/product/13527/ Trend Micro ServerProtect for Windows/NetWare 5.x http://secunia.com/product/1153/ DESCRIPTION: A vulnerability has been reported in Trend Micro products, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a divide-by-zero error within the anti-virus engine when processing UPX compressed executables. This can be exploited to e.g. crash the system (Windows-based system) or application (library-based engine) when scanning a specially crafted UPX compressed executable file. The vulnerability reportedly affects all Trend Micro products that use Scan Engine version 8.0 and above with Pattern File technology. SOLUTION: Update the virus pattern file to OPR 4.335.00 or higher. ORIGINAL ADVISORY: Trend Micro: http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034587 iDefense Labs: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=488 ============= PCWorks Mailing List ================= Don't see your post? Check our posting guidelines & make sure you've followed proper posting procedures, http://pcworkers.com/rules.htm Contact list owner <[EMAIL PROTECTED]> Unsubscribing and other changes: http://pcworkers.com =====================================================
