Patch/Configuration Management, Vulnerability Management

iDefense reveals several Trend Micro flaws

The vulnerabilities could allow remote users to execute code with system-level privileges on computers running the products, Trend Micro's anti-spyware software for desktop and notebook PCs and its ServerProtect anti-virus software for Windows and NetWare servers, according to an iDefense advisory.

iDefense said multiple boundary errors in the ServerProtect product can be exploited to cause stack-based buffer overflows in various ServerProtect services. In addition, iDefense said remote exploitation of an integer overflow vulnerability in Trend's ServerProtect anti-virus software could also allow attackers to execute code with system-level privileges.

The vulnerabilities impact a wide range of services within the ServerProtect product, according to iDefense. For instance, one of the boundary errors impacts ServerProtect's StRpcSrv.dll library, which handles remote-procedure call (RPC) requests on TCP port 5168.

iDefense also revealed a similar stack-based buffer overflow issue within Trend's desktop/notebook anti-spyware product. The overflow can be triggered when an attacker creates a file with an "overly long path."

Trend Micro has released a hot fix the problems, and more information is available in the company's Knowledge Base article here.

"We appreciate third-party researchers alerting us to product issues, and Trend Micro retains a long-standing reputation of providing our customer base with the patches necessary to keep them secure," a Trend Micro spokesman told SCMagazine.com.

Click here to email West Coast Bureau Chief Jim Carr.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.