Critical flaw hits Trend Micro range

A flaw has been found in a security product that is used across Trend Micro's range of anti-virus products.

The vulnerability, deemed "critical" by the company, is found in the ARJ archive file format parser. The AntiVirus Library handles compressed files using the ARJ standard. The company said in a statement that this format is "too flexible, especially in the file name field in the local header."


This file name is stored as a null-terminated string and limited only by the overall size of the local header.

Therefore it is possible to create an ARJ archive file that overwrites data after the allocated 512-byte buffer. An attacker could use this specially-crafted file to execute arbitrary code.
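A bounds-checked way to read such a file name field, as an added example that is not Trend Micro's or ISS's code. The function names, status codes, the 4-byte name offset and the constructed header are assumptions made for illustration; only the 512-byte buffer size comes from the article.

```c
#include <stdio.h>
#include <string.h>

#define NAME_BUF_SIZE 512   /* destination buffer size stated in the article */

enum name_status { NAME_OK = 0, NAME_UNTERMINATED = -1, NAME_TOO_LONG = -2, NAME_BAD_ARGS = -3 };

/* Copy the null-terminated name starting at hdr[name_off] into out.
 * hdr_len is the header size read from the archive: it bounds the search
 * for the terminator, but it is untrusted and says nothing about out. */
static enum name_status copy_header_name(const unsigned char *hdr, size_t hdr_len,
                                         size_t name_off, char out[NAME_BUF_SIZE])
{
    if (hdr == NULL || out == NULL || name_off >= hdr_len)
        return NAME_BAD_ARGS;
    size_t avail = hdr_len - name_off;
    const unsigned char *nul = memchr(hdr + name_off, '\0', avail);
    if (nul == NULL)                      /* no terminator inside the header */
        return NAME_UNTERMINATED;
    size_t name_len = (size_t)(nul - (hdr + name_off));
    if (name_len >= NAME_BUF_SIZE)        /* must leave room for the '\0' */
        return NAME_TOO_LONG;
    memcpy(out, hdr + name_off, name_len + 1);
    return NAME_OK;
}

/* Constructed sample: a header whose name field is name_len bytes of 'A'. */
static enum name_status try_constructed(size_t name_len, int terminated)
{
    static unsigned char hdr[2048];
    char out[NAME_BUF_SIZE];
    const size_t name_off = 4;            /* assumed offset, illustration only */
    if (name_off + name_len + 1 > sizeof hdr) return NAME_BAD_ARGS;
    memset(hdr, 0, sizeof hdr);
    memset(hdr + name_off, 'A', name_len);
    return copy_header_name(hdr, name_off + name_len + (terminated ? 1 : 0), name_off, out);
}

int main(void)
{
    printf("511-byte name: %d\n", try_constructed(511, 1));
    printf("512-byte name: %d\n", try_constructed(512, 1));
    printf("unterminated:  %d\n", try_constructed(100, 0));
    return 0;
}
```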

A spokeswoman for the company said there had been "no reports of this type of specially crafted file seen among our customer base."

"This issue has been resolved through the most recent Scan Engine version, version 7.51, that is available for download for customers through the Trend Micro Update Center," she added.

Security company ISS discovered the flaw and said in its advisory that "several ISPs and vendors also use Trend Micro AntiVirus Library and are likely vulnerable."

www.trendmicro.com
www.iss.net

Copyright © SC Magazine, US edition