This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Trend Micro First view 2007-02-08
Product Pc-Cillin Internet Security Last view 2007-02-08
Version Type Application
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:trend_micro:pc-cillin_internet_security:2007:*:*:*:*:*:*:* 2
cpe:2.3:a:trend_micro:pc-cillin_internet_security:2005_12.0.0_0_build_1244:*:*:*:*:*:*:* 1
cpe:2.3:a:trend_micro:pc-cillin_internet_security:2006_14.10.0.1023:*:*:*:*:*:*:* 1
cpe:2.3:a:trend_micro:pc-cillin_internet_security:14_14.00.1485:*:*:*:*:*:*:* 1

Related : CVE

  Date Alert Description
7.2 2007-02-08 CVE-2007-0856

TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (RCM), with the VsapiNI.sys 3.320.0.1003 scan engine, as used in Trend Micro PC-cillin Internet Security 2007, Antivirus 2007, Anti-Spyware for SMB 3.2 SP1, Anti-Spyware for Consumer 3.5, Anti-Spyware for Enterprise 3.0 SP2, Client / Server / Messaging Security for SMB 3.5, Damage Cleanup Services 3.2, and possibly other products, assigns Everyone write permission for the \\.\TmComm DOS device interface, which allows local users to access privileged IOCTLs and execute arbitrary code or overwrite arbitrary memory in the kernel context.
9.3 2007-02-08 CVE-2007-0851

Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable.

Open Source Vulnerability Database (OSVDB)

id Description
33039 Trend Micro Multiple Products TmComm.sys IOCTL Handler Local Privilege Escala...
33038 Trend Micro Multiple Products UPX Handling Overflow

Information Assurance Vulnerability Management (IAVM)

id Description
2007-A-0013 Trend Micro Antivirus UPX Compressed PE File Buffer Overflow Vulnerability
Severity: Category I - VMSKEY: V0013605

Nessus® Vulnerability Scanner

id Description
2007-02-21 Name: The remote Windows host is affected by a local privilege escalation issue.
File: trendmicro_tmcomm_insecure_permission.nasl - Type: ACT_GATHER_INFO
2007-02-21 Name: The remote Windows host is vulnerable to a buffer overflow attack.
File: trendmicro_upx_parsing.nasl - Type: ACT_GATHER_INFO