Trend Micro antiviral products multiple security vulnerabilities

Buffer overflow in SSAPI engine on oversized local path. Buffer overflow in ServerProtect on different TCP/5168 RPC requests...

Trend Micro Anti-Spyware和PC-cillin SSAPI引擎本地堆栈缓冲区溢出漏洞

Trend Micro AntiSpyware是一款检测和删除恶意软件的应用程序。 Trend SSAPI引擎存在缓冲区溢出，远程攻击者可以利用漏洞以系统进程权限执行任意指令。 Trend Micro产品包含的vstlib32.dll库中的VST函数存在基于堆栈的缓冲区溢出，当攻击者以超长路径名在本地文件系统中建立文件，vstlib32从操作系统中接收到ReadDirectoryChangesW回调通知，就可以导致基于堆栈的缓冲区溢出发生，精心构建路径数据，并诱使应用程序解析，可导致以系统进程权限执行任意指令。 Trend Micro PC-Cillin Internet Securit...

CVE-2007-3873

Stack-based buffer overflow in vstlib32.dll 1.2.0.1012 in the SSAPI Engine 5.0.0.1066 through 5.2.0.1012 in Trend Micro AntiSpyware 3.5 and PC-Cillin Internet Security 2007 15.0 through 15.3, when the Venus Spy Trap VST feature is enabled, allows local users to cause a denial of service service...

CVE-2007-3873

CVE-2007-3873 describes a stack-based buffer overflow in Trend Micro’s vstlib32.dll (1.2.0.1012) used by the SSAPI Engine in AntiSpyware 3.5 and PC-Cillin Internet Security 2007 (15.0–15.3), triggered when a long local file path is processed via a ReadDirectoryChangesW callback. Affects SSAPI Eng...