Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: TrendMicro Anti-Virus vulnerability - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
TrendMicro Anti-Virus vulnerability

A buffer overflow vulnerability in the UPX parser of TrendMicro Antivirus seems to affect the product pretty much in all its incarnations. See   According to this, applying the latest pattern is sufficient to plug the problem until a new version of the engine (8.5) gets released.  Chances are though that the trend (no pun intended) will continue that AV products themselves contain the same type of  vulnerabilities they claim to shield other software against. Quis custodiet ipsos custodes ?

385 Posts
ISC Handler
Feb 8th 2007

Sign Up for Free or Log In to start participating in the conversation!