CVE-2007-1591

VsapiNT.sys in the Scan Engine 8.0 for Trend Micro AntiVirus 14.10.1041, and other products, allows remote attackers to cause a denial of service kernel fault and system crash via a crafted UPX file with a certain field that triggers a divide-by-zero error...

CVE-2007-1591

CVE-2007-1591 affects Trend Micro’s VsapiNT.sys in the Scan Engine 8.0 (Trend Micro Antivirus 14.10.1041 and similar products). A crafted UPX-packed file triggers a divide-by-zero error in VsapiNT.sys, causing a kernel fault and remote denial of service (system crash). Public references describe ...

CVE-2007-1563

The FTP protocol implementation in Opera 9.10 allows remote attackers to allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response...

Information disclosure

The FTP protocol implementation in Mozilla Firefox before 1.5.0.11 and 2.x before 2.0.0.3 allows remote attackers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response...

Design/Logic Flaw

The FTP protocol implementation in Opera 9.10 allows remote attackers to allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response...

Information disclosure

The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response...

CVE-2007-1563

The FTP protocol implementation in Opera 9.10 allows remote attackers to allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response...

CVE-2007-1564

CVE-2007-1564 concerns Konqueror 3.5.5’s FTP protocol handling. The vulnerability arises when a remote FTP server supplies an overly crafted PASV response, which can force the Konqueror client to connect to arbitrary servers. This behavior could enable a nearby attacker to perform a proxied port-...

CVE-2007-1563

The FTP protocol implementation in Opera 9.10 allows remote attackers to allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response...

Netragard Security Advisory 2007-02-20

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Netragard, L.L.C Advisory Strategic Reconnaissance Team ------------------------------------------------ http://www.netragard.com -- "We make I.T. Safe." POSTING NOTICE - ----------------------------------------------------------------------- If you...

DBImageGallery 1.2.2 (donsimg_base_path) RFI Vulnerabilities

Exploit for unknown platform in category web applications ============================================================ DBImageGallery 1.2.2 donsimgbasepath RFI Vulnerabilities ============================================================ DBImageGallery 1.2.2 Found by Denven ERROR:...

CVE-2007-0851

Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center CCC Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable...

Buffer overflow

Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center CCC Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable...

CVE-2007-0851

CVE-2007-0851 describes a buffer overflow in Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, exploitable when processing UPX-packed executables (as used in CCC Cleaner). The CCC Cleaner component is affected when the UPX-packed file is scanned, enabling arbitrary code ...

CVE-2007-0851

Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center CCC Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable...

Trend Micro扫描引擎UPX压缩PE文件缓冲区溢出漏洞

Trend Micro病毒扫描引擎为桌面、服务器和网关提供杀毒功能。 Trend Micro的病毒扫描引擎在扫描特制的畸形UPX压缩可执行程序时没有正确验证输入，远程攻击者可能利用此漏洞在服务器上执行任意指令。 如果用户扫描了畸形文件的话，就可能触发缓冲区溢出，导致执行任意指令。在Windows下扫描引擎在内核环境中运行；在Linux下扫描引擎运行为超级用户权限的守护程序。因此，成功利用这个漏洞的攻击者可以获得对受影响系统的完全控制。 Trend Micro Scan Engine 8.300 Trend Micro Scan Engine 8.000...

Trend Micro病毒扫描引擎TMComm本地权限提升漏洞

Trend Micro病毒扫描引擎为桌面、服务器和网关提供杀毒功能。 Trend Micro的病毒扫描引擎中所捆绑的TmComm.sys驱动没有对\.\TmComm DOS设备接口设置安全的权限，对Everyone给予了写权限。这允许本地登录的用户通过IOCTL访问仅应由特权用户才能访问的功能。 此外，这个DOS设备接口的IOCTL处理器没有验证对其传送的地址，允许在内核（RING 0）环境中覆盖任意内存或执行任意指令。 Trend Micro PC-cillin Internet Security 2007 Trend Micro Antivirus 2007 Trend Micro...

BitDefender client format string vulnerability

Format string vulnerability on scan settings logging...

Format string

Format string vulnerability in the log creation functionality of BitDefender Client Professional Plus 8.02 allows attackers to execute arbitrary code via certain scan job settings...

CVE-2007-0391

Format string vulnerability in the log creation functionality of BitDefender Client Professional Plus 8.02 allows attackers to execute arbitrary code via certain scan job settings...