A
vulnerability has been identified in various Trend Micro products,
which could be exploited by attackers or malware to take complete
control of an affected system. This issue is due to a buffer overflow
error when processing malformed UPX compressed files, which could be
exploited by attackers to execute arbitrary commands e.g. by sending an
email containing a malicious file to a system being protected by a
vulnerable application.
Affected Products
Trend Micro Client Server Messaging Security for SMB
Trend Micro Client Server Security for SMB
Trend Micro Control Manager
Trend Micro InterScan eManager
Trend Micro InterScan Messaging Security Suite
Trend Micro InterScan VirusWall
Trend Micro InterScan VirusWall for SMB
Trend Micro InterScan Web Security Suite
Trend Micro InterScan WebManager
Trend Micro InterScan WebProtect for ISA
Trend Micro OfficeScan
Trend Micro PortalProtect for Sharepoint
Trend Micro ScanMail eManager
Trend Micro ScanMail for Lotus Domino
Trend Micro ScanMail for Microsoft Exchange
Trend Micro ServerProtect for Linux
Trend Micro ServerProtect for Microsoft Windows/Novell NetWare
Trend Micro PC-cillin Internet Security 2005
Trend Micro PC-cillin Internet Security 2006
Trend Micro PC-cillin Internet Security 2007
