---------------------------------------------------------------------- Want a new job? http://secunia.com/secunia_vacancies/ Secunia is looking for new researchers with a reversing background and experience in writing exploit code: http://secunia.com/hardcore_disassembler_and_reverse_engineer/ http://secunia.com/Disassembling_og_Reversing/ ---------------------------------------------------------------------- TITLE: Trend Micro Products UPX Processing Denial of Service SECUNIA ADVISORY ID: SA24450 VERIFY ADVISORY: http://secunia.com/advisories/24450/ CRITICAL: Moderately critical IMPACT: DoS WHERE: >From remote SOFTWARE: Trend Micro Client Server Messaging Security for SMB 2.x http://secunia.com/product/13521/ Trend Micro Client Server Messaging Security for SMB 3.x http://secunia.com/product/13440/ Trend Micro Client Server Security for SMB 3.x http://secunia.com/product/13442/ Trend Micro InterScan AppletTrap 2.x http://secunia.com/product/63/ Trend Micro InterScan eManager 3.x http://secunia.com/product/62/ Trend Micro InterScan Messaging Security Suite 5.x http://secunia.com/product/61/ Trend Micro InterScan VirusWall 3.x http://secunia.com/product/60/ Trend Micro InterScan Web Security Suite 1.x http://secunia.com/product/4085/ Trend Micro InterScan Web Security Suite 2.x http://secunia.com/product/4086/ Trend Micro InterScan WebManager 2.x http://secunia.com/product/64/ Trend Micro OfficeScan Corporate Edition 3.x http://secunia.com/product/855/ Trend Micro InterScan WebProtect for ISA 3.x http://secunia.com/product/65/ Trend Micro OfficeScan Corporate Edition 5.x http://secunia.com/product/854/ Trend Micro OfficeScan Corporate Edition 6.x http://secunia.com/product/4323/ Trend Micro OfficeScan Corporate Edition 7.x http://secunia.com/product/5007/ Trend Micro PC-cillin 2000 http://secunia.com/product/851/ Trend Micro PC-cillin 2002 http://secunia.com/product/852/ Trend Micro PC-cillin 2003 http://secunia.com/product/853/ Trend Micro PC-cillin for Wireless 3.x http://secunia.com/product/8133/ Trend Micro PC-cillin Internet Security 2005 http://secunia.com/product/4708/ Trend Micro PC-cillin Internet Security 2006 / 14.x http://secunia.com/product/8828/ Trend Micro PC-cillin Internet Security 2007 http://secunia.com/product/13436/ Trend Micro PortalProtect for SharePoint 1.x http://secunia.com/product/4709/ Trend Micro ScanMail eManager 3.x http://secunia.com/product/68/ Trend Micro ScanMail eManager 5.x http://secunia.com/product/4710/ Trend Micro ScanMail for Lotus Notes 2.x http://secunia.com/product/1021/ Trend Micro ScanMail for Lotus Notes 3.x http://secunia.com/product/4711/ Trend Micro ScanMail for Microsoft Exchange 3.x http://secunia.com/product/66/ Trend Micro ScanMail for Microsoft Exchange 6.x http://secunia.com/product/67/ Trend Micro ScanMail for Microsoft Exchange 7.x http://secunia.com/product/8046/ Trend Micro ScanMail for Openmail 2.x http://secunia.com/product/1022/ Trend Micro ServerProtect for EMC Celerra 5.x http://secunia.com/product/13528/ Trend Micro ServerProtect for Linux 1.x http://secunia.com/product/4712/ Trend Micro ServerProtect for Linux 2.x http://secunia.com/product/13531/ Trend Micro ServerProtect for Network Appliance Filer 5.x http://secunia.com/product/13527/ Trend Micro ServerProtect for Windows/NetWare 5.x http://secunia.com/product/1153/ DESCRIPTION: A vulnerability has been reported in Trend Micro products, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a divide-by-zero error within the anti-virus engine when processing UPX compressed executables. This can be exploited to e.g. crash the system (Windows-based system) or application (library-based engine) when scanning a specially crafted UPX compressed executable file. The vulnerability reportedly affects all Trend Micro products that use Scan Engine version 8.0 and above with Pattern File technology. SOLUTION: Update the virus pattern file to OPR 4.335.00 or higher. PROVIDED AND/OR DISCOVERED BY: Discovered by an anonymous person and reported via iDefense Labs. ORIGINAL ADVISORY: Trend Micro: http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034587 iDefense Labs: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=488 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------