|
|
|
|
| |
Credit:
The information has been provided by iDefense Labs Security Advisories.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=586
|
| |
Vulnerable Systems:
* PC-Cillin Internet Security 2007 vstlib32.dll version 1.2.0.1012
Trend Micro products which include the VST functionality are vulnerable to a stack-based buffer overflow in the vstlib32.dll library. This overflow is triggered when an attacker creates a file on the local file system with an overly long path. When vstlib32 receives the ReadDirectoryChangesW callback notification from the Operating System, a stack based buffer overflow will occur.
Analysis:
Exploitation allows attackers to execute arbitrary code with system level privilege.
Exploitation requires that attackers are able to create a specially constructed file path on the machine running the Trend Micro product. This could be the local machine to gain SYSTEM level privileges, or could be conducted remotely by writing a file to an accessible network share.
Vendor response:
Trend Micro has addressed this vulnerability by releasing a HotFix. For more information consult their Knowledge Base article at the following URL: http://esupport.trendmicro.com/support/consumer/search.do?cmd=displayKC&externalId=PUB-en-1035845
CVE Information:
CVE-2007-3873
Disclosure timeline:
07/12/2007 - Initial vendor notification
07/16/2007 - Initial vendor response
08/20/2007 - Coordinated public disclosure
|
|
|
|
|
