TITLE:
Trend Micro Products RAR Processing Denial Of Service
SECUNIA ADVISORY ID:
SA23321
VERIFY ADVISORY:
http://secunia.com/advisories/23321/
CRITICAL:
Moderately critical
IMPACT:
DoS
WHERE:
From remote
SOFTWARE:
Trend Micro OfficeScan Corporate Edition 7.x
http://secunia.com/product/5007/
Trend Micro PC-cillin Internet Security 2006 / 14.x
http://secunia.com/product/8828/
Trend Micro ServerProtect for Windows/NetWare 5.x
http://secunia.com/product/1153/
DESCRIPTION:
A vulnerability has been reported in various Trend Micro products, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused by an error in the AntiVirus engine when processing a RAR archive with the "head_size" and "pack_size" header fields set to 0. This can be exploited to consume almost all CPU resources when scanning a specially crafted RAR archive.
The vulnerability is reported in the following products (other versions may also be affected):
* Trend Micro PC Cillin - Internet Security 2006
* Trend Micro Office Scan 7.3
* Trend Micro Server Protect 5.58
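The forward-progress check a block walker needs against zero "head_size"/"pack_size" values, as an added example that is not Trend Micro's code or part of the original advisory. It assumes the RAR 2.x/3.x block header layout (2-byte CRC, 1-byte type, 2-byte flags, 2-byte head_size, optional 4-byte pack_size); rar_walk_blocks, MAX_BLOCKS and the sample buffers are hypothetical names and constructed data.

```c
#include <stddef.h>
#include <stdint.h>

#define MIN_HEAD   7u       /* HEAD_CRC(2) + HEAD_TYPE(1) + HEAD_FLAGS(2) + HEAD_SIZE(2) */
#define LONG_BLOCK 0x8000u  /* flag: a 4-byte pack_size field follows the base header */
#define MAX_BLOCKS 100000L  /* hard cap on blocks per archive (assumed limit) */

static uint32_t le16(const uint8_t *p) { return (uint32_t)p[0] | ((uint32_t)p[1] << 8); }
static uint32_t le32(const uint8_t *p) { return le16(p) | (le16(p + 2) << 16); }

/* Walk the block chain; return the block count, or -1 for a malformed chain. */
long rar_walk_blocks(const uint8_t *buf, size_t len)
{
    size_t off = 0;
    long blocks = 0;
    while (off < len) {
        size_t left = len - off;
        if (left < MIN_HEAD) return -1;               /* truncated header */
        uint32_t flags = le16(buf + off + 3);
        uint32_t head_size = le16(buf + off + 5);
        uint32_t pack_size = 0;
        if (head_size < MIN_HEAD) return -1;          /* head_size == 0 is rejected here */
        if (flags & LONG_BLOCK) {
            if (head_size < MIN_HEAD + 4 || left < MIN_HEAD + 4) return -1;
            pack_size = le32(buf + off + 7);
        }
        uint64_t step = (uint64_t)head_size + pack_size;
        if (step > left) return -1;                   /* block runs past end of data */
        off += (size_t)step;                          /* step >= 7: always advances */
        if (++blocks > MAX_BLOCKS) return -1;
    }
    return blocks;
}

/* Constructed sample: marker block, then a block with head_size=11, pack_size=3. */
static const uint8_t sample_ok[] = {
    0x52, 0x61, 0x72, 0x21, 0x1A, 0x07, 0x00,
    0x00, 0x00, 0x74, 0x00, 0x80, 0x0B, 0x00, 0x03, 0x00, 0x00, 0x00,
    0xAA, 0xBB, 0xCC };
/* Constructed sample: same layout with head_size and pack_size both 0. */
static const uint8_t sample_zero[] = {
    0x52, 0x61, 0x72, 0x21, 0x1A, 0x07, 0x00,
    0x00, 0x00, 0x74, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
```

A walker that advances by head_size + pack_size without the minimum-size check would stay at the same offset on the second sample, which matches the CPU exhaustion the advisory describes.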
SOLUTION:
Update to the latest version of the scan engine.
ORIGINAL ADVISORY:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439