Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-6386
HistoryDec 15, 2007 - 2:46 a.m.

CVE-2007-6386

2007-12-1502:46:00
CWE-119
[email protected]
web.nvd.nist.gov
25
cve-2007-6386
buffer overflow
pccscan.dll
trend micro
antivirus
antispyware
internet security
denial of service
privilege escalation
zip archive

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.8%

JSON

Stack-based buffer overflow in PccScan.dll before build 1451 in Trend Micro AntiVirus plus AntiSpyware 2008, Internet Security 2008, and Internet Security Pro 2008 allows user-assisted remote attackers to cause a denial of service (SfCtlCom.exe crash), and allows local users to gain privileges, via a malformed .zip archive with a long name, as demonstrated by a .zip file created via format string specifiers in a crafted .uue file.

Affected configurations

NVD
Node
trend_microtrend_micro_antivirus_plus_antispywareMatch2008bld_1450
OR
trend_microtrend_micro_internet_security__virus_bustMatch2008bld_1451
OR
trend_microtrend_micro_internet_security_pro

Related

prion 1
cvelist 1
nvd 1
prion
prion
Stack overflow
2007-12-15 02:46:00
cvelist
cvelist
CVE-2007-6386
2007-12-15 02:00:00
nvd
nvd
CVE-2007-6386
2007-12-15 02:46:00

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.8%

JSON
Related for CVE-2007-6386
prion1cvelist1nvd1