exploitDog

CVE-2007-6386

Опубликовано: 15 дек. 2007

Источник: nvd

CVSS2: 7.2

EPSS Низкий

Описание

Stack-based buffer overflow in PccScan.dll before build 1451 in Trend Micro AntiVirus plus AntiSpyware 2008, Internet Security 2008, and Internet Security Pro 2008 allows user-assisted remote attackers to cause a denial of service (SfCtlCom.exe crash), and allows local users to gain privileges, via a malformed .zip archive with a long name, as demonstrated by a .zip file created via format string specifiers in a crafted .uue file.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:trend_micro:trend_micro_antivirus_plus_antispyware:2008:bld_1450:*:*:*:*:*:*

cpe:2.3:a:trend_micro:trend_micro_internet_security__virus_bust:2008:bld_1451:*:*:*:*:*:*

cpe:2.3:a:trend_micro:trend_micro_internet_security_pro:*:*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01341

Низкий

7.2 High

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-2rv4-q294-jg8r

github

почти 4 года назад

Stack-based buffer overflow in PccScan.dll before build 1451 in Trend Micro AntiVirus plus AntiSpyware 2008, Internet Security 2008, and Internet Security Pro 2008 allows user-assisted remote attackers to cause a denial of service (SfCtlCom.exe crash), and allows local users to gain privileges, via a malformed .zip archive with a long name, as demonstrated by a .zip file created via format string specifiers in a crafted .uue file.

EPSS

Процентиль: 80%

0.01341

Низкий

7.2 High

CVSS2

Дефекты

CWE-119