The vulnerabilities could allow remote users to execute code with system-level privileges on computers running the products, Trend Micro's anti-spyware software for desktop and notebook PCs and its ServerProtect anti-virus software for Windows and NetWare servers, according to an iDefense advisory.
iDefense said multiple boundary errors in the ServerProtect product can be exploited to cause stack-based buffer overflows in various ServerProtect services. In addition, iDefense said remote exploitation of an integer overflow vulnerability in Trend's ServerProtect anti-virus software could also allow attackers to execute code with system-level privileges.
The vulnerabilities impact a wide range of services within the ServerProtect product, according to iDefense. For instance, one of the boundary errors impacts ServerProtect's StRpcSrv.dll library, which handles remote-procedure call (RPC) requests on TCP port 5168.
iDefense also revealed a similar stack-based buffer overflow issue within Trend's desktop/notebook anti-spyware product. The overflow can be triggered when an attacker creates a file with an "overly long path."
Trend Micro has released a hot fix the problems, and more information is available in the company's Knowledge Base article here.
"We appreciate third-party researchers alerting us to product issues, and Trend Micro retains a long-standing reputation of providing our customer base with the patches necessary to keep them secure," a Trend Micro spokesman told SCMagazine.com.
Click here to email West Coast Bureau Chief Jim Carr.
