Patch/Configuration Management, Vulnerability Management

iDefense reveals several Trend Micro flaws

The vulnerabilities could allow remote users to execute code with system-level privileges on computers running the products, Trend Micro's anti-spyware software for desktop and notebook PCs and its ServerProtect anti-virus software for Windows and NetWare servers, according to an iDefense advisory.

iDefense said multiple boundary errors in the ServerProtect product can be exploited to cause stack-based buffer overflows in various ServerProtect services. In addition, iDefense said remote exploitation of an integer overflow vulnerability in Trend's ServerProtect anti-virus software could also allow attackers to execute code with system-level privileges.

The vulnerabilities impact a wide range of services within the ServerProtect product, according to iDefense. For instance, one of the boundary errors impacts ServerProtect's StRpcSrv.dll library, which handles remote-procedure call (RPC) requests on TCP port 5168.

iDefense also revealed a similar stack-based buffer overflow issue within Trend's desktop/notebook anti-spyware product. The overflow can be triggered when an attacker creates a file with an "overly long path."

Trend Micro has released a hot fix the problems, and more information is available in the company's Knowledge Base article here.

"We appreciate third-party researchers alerting us to product issues, and Trend Micro retains a long-standing reputation of providing our customer base with the patches necessary to keep them secure," a Trend Micro spokesman told SCMagazine.com.

Click here to email West Coast Bureau Chief Jim Carr.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds