CVE-2007-0851: Buffer Overflow
First published: Thu Feb 08 2007(Updated: )
Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Trend Micro Client-Server Messaging Suite SMB | =gold | |
| Trend Micro Client-Server Messaging Suite SMB | =gold | |
| Trend Micro Control Manager | =2.5.0 | |
| Trend Micro Control Manager | =3.5 | |
| Trend Micro Control Manager | =gold | |
| Trend Micro Control Manager | =gold | |
| Trend Micro Control Manager | =gold | |
| Trend Micro Control Manager | =gold | |
| Trend Micro Control Manager | =gold | |
| Trend Micro Control Manager | =netware | |
| Trend Micro InterScan eManager | =3.5 | |
| Trend Micro InterScan eManager | =3.5.2 | |
| Trend Micro InterScan eManager | =3.6 | |
| Trend Micro InterScan eManager | =3.6 | |
| Trend Micro InterScan eManager | =3.51 | |
| Trend Micro InterScan eManager | =3.51_j | |
| Trend Micro InterScan Messaging Security Suite | ||
| Trend Micro InterScan Messaging Security Suite | =3.81 | |
| Trend Micro InterScan Messaging Security Suite | =5.5 | |
| Trend Micro InterScan Messaging Security Suite | =5.5_build_1183 | |
| Trend Micro InterScan Messaging Security Suite | =gold | |
| Trend Micro InterScan Messaging Security Suite | =gold | |
| Trend Micro InterScan Messaging Security Suite | =gold | |
| Trend Micro InterScan VirusWall Scan Engine | =3.0.1 | |
| Trend Micro InterScan VirusWall Scan Engine | =3.0.1 | |
| Trend Micro InterScan VirusWall Scan Engine | =3.1.0 | |
| Trend Micro InterScan VirusWall Scan Engine | =3.2.3 | |
| Trend Micro InterScan VirusWall Scan Engine | =3.3 | |
| Trend Micro InterScan VirusWall Scan Engine | =3.6 | |
| Trend Micro InterScan VirusWall Scan Engine | =3.6 | |
| Trend Micro InterScan VirusWall Scan Engine | =3.6 | |
| Trend Micro InterScan VirusWall Scan Engine | =3.6 | |
| Trend Micro InterScan VirusWall Scan Engine | =3.6.0_build_1182 | |
| Trend Micro InterScan VirusWall Scan Engine | =3.6.0_build1166 | |
| Trend Micro InterScan VirusWall Scan Engine | =3.6.5 | |
| Trend Micro InterScan VirusWall Scan Engine | =3.7.0 | |
| Trend Micro InterScan VirusWall Scan Engine | =3.7.0_build1190 | |
| Trend Micro InterScan VirusWall Scan Engine | =3.8.0_build1130 | |
| Trend Micro InterScan VirusWall Scan Engine | =3.32 | |
| Trend Micro InterScan VirusWall Scan Engine | =3.81 | |
| Trend Micro InterScan VirusWall Scan Engine | =5.1 | |
| Trend Micro InterScan VirusWall Scan Engine | =gold | |
| Trend Micro InterScan VirusWall Scan Engine | =gold | |
| Trend Micro InterScan VirusWall Scan Engine | =gold | |
| Trend Micro InterScan VirusWall Scan Engine | =gold | |
| Trend Micro InterScan VirusWall Scan Engine | =gold | |
| Trend Micro InterScan VirusWall Scan Engine | =3.4 | |
| Trend Micro InterScan VirusWall Scan Engine | =3.5 | |
| Trend Micro InterScan VirusWall Scan Engine | =3.6 | |
| Trend Micro InterScan VirusWall Scan Engine | =3.51 | |
| Trend Micro InterScan VirusWall Scan Engine | =3.52 | |
| Trend Micro InterScan VirusWall Scan Engine | =3.52_build1466 | |
| Trend Micro InterScan VirusWall Scan Engine | =5.1.0 | |
| Trend Micro InterScan VirusWall Scan Engine | =7.510.0-1002 | |
| Trend Micro Web Security Suite | ||
| Trend Micro Web Security Suite | ||
| Trend Micro Web Security Suite | =gold | |
| Trend Micro Web Security Suite | =gold | |
| Trend Micro Web Security Suite | =gold | |
| Trend Micro InterScan WebManager | =1.2 | |
| Trend Micro InterScan WebManager | =2.0 | |
| Trend Micro InterScan WebManager | =2.1 | |
| Trend Micro Interscan Web Protect | =gold | |
| Trend Micro OfficeScan XG | =3.0 | |
| Trend Micro OfficeScan XG | =4.5.0 | |
| Trend Micro OfficeScan XG | =7.3 | |
| Trend Micro OfficeScan XG | =corporate_3.0 | |
| Trend Micro OfficeScan XG | =corporate_3.1.1 | |
| Trend Micro OfficeScan XG | =corporate_3.5 | |
| Trend Micro OfficeScan XG | =corporate_3.5 | |
| Trend Micro OfficeScan XG | =corporate_3.11 | |
| Trend Micro OfficeScan XG | =corporate_3.11 | |
| Trend Micro OfficeScan XG | =corporate_3.13 | |
| Trend Micro OfficeScan XG | =corporate_3.13 | |
| Trend Micro OfficeScan XG | =corporate_3.54 | |
| Trend Micro OfficeScan XG | =corporate_5.02 | |
| Trend Micro OfficeScan XG | =corporate_5.5 | |
| Trend Micro OfficeScan XG | =corporate_5.58 | |
| Trend Micro OfficeScan XG | =corporate_6.5 | |
| Trend Micro OfficeScan XG | =corporate_7.0 | |
| Trend Micro OfficeScan XG | =corporate_7.3 | |
| Trend Micro PC-Cillin | =6.0 | |
| Trend Micro PC-Cillin | =2000 | |
| Trend Micro PC-Cillin | =2002 | |
| Trend Micro PC-Cillin | =2003 | |
| Trend Micro PC-Cillin | =2005 | |
| Trend Micro PC-Cillin | =2006 | |
| Trend Micro PC-Cillin | =14_14.00.1485 | |
| Trend Micro PC-Cillin | =2005_12.0.0_0_build_1244 | |
| Trend Micro PC-Cillin | =2006_14.10.0.1023 | |
| Trend Micro PC-Cillin | =2007 | |
| Trend Micro PC Cillin - Internet Security 2006 | ||
| Trend Micro PortalProtect | =1.0 | |
| Trend Micro PortalProtect | =1.2 | |
| Trend Micro ScanMail for IBM Domino | =1.0.0 | |
| Trend Micro ScanMail for IBM Domino | =2.6 | |
| Trend Micro ScanMail for IBM Domino | =2.51 | |
| Trend Micro ScanMail for IBM Domino | =3.8 | |
| Trend Micro ScanMail for IBM Domino | =3.81 | |
| Trend Micro ScanMail for IBM Domino | =6.1 | |
| Trend Micro ScanMail for IBM Domino | =gold | |
| Trend Micro ScanMail for IBM Domino | =gold | |
| Trend Micro ScanMail for IBM Domino | =gold | |
| Trend Micro ScanMail for IBM Domino | =gold | |
| Trend Micro ScanMail for IBM Domino | =gold | |
| Trend Micro ScanMail for IBM Domino | ||
| Trend Micro Scan Engine | =7.1.0 | |
| Trend Micro ServerProtect for Windows | =5.3.1 | |
| Trend Micro ServerProtect for Windows | =5.5.8 | |
| Trend Micro ServerProtect for Windows | =5.58 | |
| Trend Micro ServerProtect for Windows | =5.58 | |
| Trend Micro ServerProtect for Windows | =linux | |
| Trend Micro ServerProtect for Windows | =linux_1.2.0 | |
| Trend Micro ServerProtect for Windows | =novell_netware | |
| Trend Micro ServerProtect for Windows | =windows | |
| Trend Micro VirusWall | =3.0.1 | |
| Trend Micro InterScan Web Security Suite | =1.2.0 | |
| Trend Micro Interscan Web Protect | =3.1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289
- http://jvn.jp/jp/JVN%2377366274/index.html
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470
- http://osvdb.org/33038
- http://secunia.com/advisories/24087
- http://secunia.com/advisories/24128
- http://securitytracker.com/id?1017601
- http://securitytracker.com/id?1017602
- http://securitytracker.com/id?1017603
- http://www.jpcert.or.jp/at/2007/at070004.txt
- http://www.kb.cert.org/vuls/id/276432
- http://www.securityfocus.com/bid/22449
- http://www.vupen.com/english/advisories/2007/0522
- http://www.vupen.com/english/advisories/2007/0569
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32352
Frequently Asked Questions
What is the severity of CVE-2007-0851?
CVE-2007-0851 is classified with high severity due to the potential for remote code execution.
How do I fix CVE-2007-0851?
To fix CVE-2007-0851, update the Trend Micro Scan Engine to version 8.300 with the latest virus pattern file.
Which versions are affected by CVE-2007-0851?
CVE-2007-0851 affects Trend Micro Scan Engine 8.000 and 8.300 prior to virus pattern file 4.245.00.
What is the exploit vector for CVE-2007-0851?
CVE-2007-0851 can be exploited through a malformed UPX compressed executable sent by remote attackers.
Are there any known exploitation examples of CVE-2007-0851?
Yes, CVE-2007-0851 has been documented in various vulnerability reports indicating potential exploitation in real-world scenarios.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/remedy
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/trend micro
- canonical/trend micro client-server messaging suite smb
- version/trend micro client-server messaging suite smb/gold
- canonical/trend micro control manager
- version/trend micro control manager/2.5.0
- version/trend micro control manager/3.5
- version/trend micro control manager/gold
- version/trend micro control manager/netware
- canonical/trend micro interscan emanager
- version/trend micro interscan emanager/3.5
- version/trend micro interscan emanager/3.5.2
- version/trend micro interscan emanager/3.6
- version/trend micro interscan emanager/3.51
- version/trend micro interscan emanager/3.51_j
- canonical/trend micro interscan messaging security suite
- version/trend micro interscan messaging security suite/3.81
- version/trend micro interscan messaging security suite/5.5
- version/trend micro interscan messaging security suite/5.5_build_1183
- version/trend micro interscan messaging security suite/gold
- canonical/trend micro interscan viruswall scan engine
- version/trend micro interscan viruswall scan engine/3.0.1
- version/trend micro interscan viruswall scan engine/3.1.0
- version/trend micro interscan viruswall scan engine/3.2.3
- version/trend micro interscan viruswall scan engine/3.3
- version/trend micro interscan viruswall scan engine/3.6
- version/trend micro interscan viruswall scan engine/3.6.0_build_1182
- version/trend micro interscan viruswall scan engine/3.6.0_build1166
- version/trend micro interscan viruswall scan engine/3.6.5
- version/trend micro interscan viruswall scan engine/3.7.0
- version/trend micro interscan viruswall scan engine/3.7.0_build1190
- version/trend micro interscan viruswall scan engine/3.8.0_build1130
- version/trend micro interscan viruswall scan engine/3.32
- version/trend micro interscan viruswall scan engine/3.81
- version/trend micro interscan viruswall scan engine/5.1
- version/trend micro interscan viruswall scan engine/gold
- version/trend micro interscan viruswall scan engine/3.4
- version/trend micro interscan viruswall scan engine/3.5
- version/trend micro interscan viruswall scan engine/3.51
- version/trend micro interscan viruswall scan engine/3.52
- version/trend micro interscan viruswall scan engine/3.52_build1466
- version/trend micro interscan viruswall scan engine/5.1.0
- version/trend micro interscan viruswall scan engine/7.510.0-1002
- canonical/trend micro web security suite
- version/trend micro web security suite/gold
- canonical/trend micro interscan webmanager
- version/trend micro interscan webmanager/1.2
- version/trend micro interscan webmanager/2.0
- version/trend micro interscan webmanager/2.1
- canonical/trend micro interscan web protect
- version/trend micro interscan web protect/gold
- canonical/trend micro officescan xg
- version/trend micro officescan xg/3.0
- version/trend micro officescan xg/4.5.0
- version/trend micro officescan xg/7.3
- version/trend micro officescan xg/corporate_3.0
- version/trend micro officescan xg/corporate_3.1.1
- version/trend micro officescan xg/corporate_3.5
- version/trend micro officescan xg/corporate_3.11
- version/trend micro officescan xg/corporate_3.13
- version/trend micro officescan xg/corporate_3.54
- version/trend micro officescan xg/corporate_5.02
- version/trend micro officescan xg/corporate_5.5
- version/trend micro officescan xg/corporate_5.58
- version/trend micro officescan xg/corporate_6.5
- version/trend micro officescan xg/corporate_7.0
- version/trend micro officescan xg/corporate_7.3
- canonical/trend micro pc-cillin
- version/trend micro pc-cillin/6.0
- version/trend micro pc-cillin/2000
- version/trend micro pc-cillin/2002
- version/trend micro pc-cillin/2003
- version/trend micro pc-cillin/2005
- version/trend micro pc-cillin/2006
- version/trend micro pc-cillin/14_14.00.1485
- version/trend micro pc-cillin/2005_12.0.0_0_build_1244
- version/trend micro pc-cillin/2006_14.10.0.1023
- version/trend micro pc-cillin/2007
- canonical/trend micro pc cillin - internet security 2006
- canonical/trend micro portalprotect
- version/trend micro portalprotect/1.0
- version/trend micro portalprotect/1.2
- canonical/trend micro scanmail for ibm domino
- version/trend micro scanmail for ibm domino/1.0.0
- version/trend micro scanmail for ibm domino/2.6
- version/trend micro scanmail for ibm domino/2.51
- version/trend micro scanmail for ibm domino/3.8
- version/trend micro scanmail for ibm domino/3.81
- version/trend micro scanmail for ibm domino/6.1
- version/trend micro scanmail for ibm domino/gold
- canonical/trend micro scan engine
- version/trend micro scan engine/7.1.0
- canonical/trend micro serverprotect for windows
- version/trend micro serverprotect for windows/5.3.1
- version/trend micro serverprotect for windows/5.5.8
- version/trend micro serverprotect for windows/5.58
- version/trend micro serverprotect for windows/linux
- version/trend micro serverprotect for windows/linux_1.2.0
- version/trend micro serverprotect for windows/novell_netware
- version/trend micro serverprotect for windows/windows
- canonical/trend micro viruswall
- version/trend micro viruswall/3.0.1
- canonical/trend micro interscan web security suite
- version/trend micro interscan web security suite/1.2.0
- version/trend micro interscan web protect/3.1.0