Vulnerability Details : CVE-2007-0851
Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2007-0851
Probability of exploitation activity in the next 30 days: 39.66%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 97 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2007-0851
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
References for CVE-2007-0851
-
http://jvn.jp/jp/JVN%2377366274/index.html
-
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470
Patch;Vendor Advisory
-
http://www.jpcert.or.jp/at/2007/at070004.txt
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/32352
-
http://www.vupen.com/english/advisories/2007/0522
-
http://securitytracker.com/id?1017603
-
http://securitytracker.com/id?1017601
Patch;Vendor Advisory
-
http://www.securityfocus.com/bid/22449
Patch;Vendor Advisory
-
http://www.vupen.com/english/advisories/2007/0569
-
http://www.kb.cert.org/vuls/id/276432
US Government Resource
-
http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289
Patch;Vendor Advisory
-
http://securitytracker.com/id?1017602
Products affected by CVE-2007-0851
- cpe:2.3:a:trend_micro:interscan_viruswall:3.3:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall:3.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall:3.32:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall:5.1:*:windows_nt:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:linux_for_smb:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall:3.0.1:*:linux:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall:3.0.1:*:unix:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:smb:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:windows:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:windows_nt_for_smb:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall:3.6.5:*:linux:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:hp_ux:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:solaris:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:windows_nt:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:aix:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall:3.6.0_build_1182:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall:3.6.0_build1166:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall:3.8.0_build1130:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall:3.81:*:linux:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall:3.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall:3.7.0_build1190:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall:3.1.0:*:linux:*:*:*:*:*
- cpe:2.3:a:trend_micro:pc-cillin:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:pc-cillin:2000:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:pc-cillin:2002:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:pc-cillin:2003:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:pc-cillin:2005:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:pc-cillin:2006:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:officescan:corporate_3.54:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:officescan:corporate_3.5:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:officescan:corporate_5.02:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:officescan:3.0:*:corporate:*:*:*:*:*
- cpe:2.3:a:trend_micro:officescan:corporate_5.58:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:officescan:corporate_3.11:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:officescan:corporate_3.13:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:officescan:corporate_5.5:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:officescan:corporate_3.5:*:windows_nt_server:*:*:*:*:*
- cpe:2.3:a:trend_micro:officescan:corporate_3.0:*:windows_nt_server:*:*:*:*:*
- cpe:2.3:a:trend_micro:officescan:corporate_3.1.1:*:windows_nt_server:*:*:*:*:*
- cpe:2.3:a:trend_micro:officescan:corporate_3.11:*:windows_nt_server:*:*:*:*:*
- cpe:2.3:a:trend_micro:officescan:corporate_3.13:*:windows_nt_server:*:*:*:*:*
- cpe:2.3:a:trend_micro:officescan:corporate_6.5:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:officescan:corporate_7.3:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:officescan:corporate_7.0:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:officescan:7.3:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:officescan:4.5.0:*:microsof_sbs:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_emanager:3.51_j:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_emanager:3.51:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_emanager:3.5.2:*:windows:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_emanager:3.6:*:sun:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_emanager:3.5:*:hp:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_emanager:3.6:*:linux:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_webmanager:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_webmanager:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_webmanager:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.52:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.4:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.52_build1466:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.6:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.51:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:5.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:scanmail:2.51:*:domino:*:*:*:*:*
- cpe:2.3:a:trend_micro:scanmail:3.8:*:microsoft_exchange:*:*:*:*:*
- cpe:2.3:a:trend_micro:scanmail:6.1:*:microsoft_exchange:*:*:*:*:*
- cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_windows:*:*:*:*:*
- cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_aix:*:*:*:*:*
- cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_as_400:*:*:*:*:*
- cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_s_390:*:*:*:*:*
- cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_solaris:*:*:*:*:*
- cpe:2.3:a:trend_micro:scanmail:2.6:*:domino:*:*:*:*:*
- cpe:2.3:a:trend_micro:scanmail:3.81:*:microsoft_exchange:*:*:*:*:*
- cpe:2.3:a:trend_micro:scanmail:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:control_manager:gold:*:windows_nt:*:*:*:*:*
- cpe:2.3:a:trend_micro:control_manager:gold:*:as_400:*:*:*:*:*
- cpe:2.3:a:trend_micro:control_manager:gold:*:s_390:*:*:*:*:*
- cpe:2.3:a:trend_micro:control_manager:gold:*:solaris:*:*:*:*:*
- cpe:2.3:a:trend_micro:control_manager:gold:*:windows:*:*:*:*:*
- cpe:2.3:a:trend_micro:control_manager:netware:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:control_manager:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:control_manager:2.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:client-server-messaging_suite_smb:gold:*:windows:*:*:*:*:*
- cpe:2.3:a:trend_micro:client-server_suite_smb:gold:*:windows:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_messaging_security_suite:*:*:linux_5.1.1:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_messaging_security_suite:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:solaris:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:windows:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_messaging_security_suite:3.81:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:linux:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_messaging_security_suite:5.5_build_1183:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_web_security_suite:*:*:linux_1.0.0_ja:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_web_security_suite:*:*:linux:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:solaris:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:linux:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:windows:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_webprotect:gold:*:isa:*:*:*:*:*
- cpe:2.3:a:trend_micro:portalprotect:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:portalprotect:1.2:*:sharepoint:*:*:*:*:*
- cpe:2.3:a:trend_micro:scanmail_emanager:*:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:serverprotect:5.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:serverprotect:5.58:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:serverprotect:novell_netware:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:serverprotect:windows:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:serverprotect:5.58:*:windows:*:*:*:*:*
- cpe:2.3:a:trend_micro:serverprotect:linux:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:serverprotect:linux_1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:serverprotect:5.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:pc_cillin_-_internet_security_2006:*:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:viruswall:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:interscan_viruswall_scan_engine:7.510.0-1002:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:pc-cillin_internet_security:2005_12.0.0_0_build_1244:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:pc-cillin_internet_security:2006_14.10.0.1023:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:pc-cillin_internet_security:14_14.00.1485:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:pc-cillin_internet_security:2007:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:scanning_engine:7.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:web_security_suite:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:trend_micro:webprotect:3.1.0:*:*:*:*:*:*:*