Critical flaw hits Trend Micro range

A flaw has been found in a security product that is used across Trend Micro's range of anti-virus products.

The vulnerability, deemed "critical" by the company, is found in the ARJ archive file format parser. The AntiVirus Library handles compressed files using the ARJ standard. The company said in a statement that this format is "too flexible, especially in the file name field in the local header."


This file name is stored as a null-terminated string and limited only by the overall size of the local header.

Therefore it is possible to create an ARJ archive file that overwrites data after the allocated 512-byte buffer. An attacker could use this specially-crafted file to execute arbitrary code.
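The bounds check this description implies, as an added C example that is not Trend Micro's or ISS's code: the terminator is searched for only inside the declared header, and a name that would not fit the 512-byte buffer is rejected instead of copied. The function names, the name-field offset of 30 and the sample headers are constructed assumptions, not the real ARJ layout.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NAME_BUF 512   /* buffer size quoted in the article */
#define HDR_MAX  2600  /* assumed header size limit for this demo */

/* Copy the null-terminated file name found at hdr[name_off..] into out.
 * Returns the name length, or -1 if the name is unterminated inside the
 * header or would not fit (with its terminator) in out_cap bytes. */
int copy_header_name(const uint8_t *hdr, size_t hdr_len, size_t name_off,
                     char *out, size_t out_cap)
{
    if (out_cap == 0 || name_off >= hdr_len)
        return -1;
    /* Look for the terminator only inside the declared header. */
    const uint8_t *end = memchr(hdr + name_off, 0, hdr_len - name_off);
    if (end == NULL)
        return -1;                       /* unterminated: reject */
    size_t n = (size_t)(end - (hdr + name_off));
    if (n >= out_cap)
        return -1;                       /* too long for the buffer: reject */
    memcpy(out, hdr + name_off, n + 1);  /* n + 1 includes the terminator */
    return (int)n;
}

/* Constructed sample: a header whose name field is name_len bytes of 'A'.
 * terminated == 0 leaves the trailing NUL out of the header. */
int demo(size_t name_len, int terminated)
{
    static uint8_t hdr[HDR_MAX];
    char name[NAME_BUF];
    size_t off = 30;                     /* hypothetical name-field offset */
    if (off + name_len + 1 > sizeof hdr)
        return -2;                       /* sample too large for the demo */
    memset(hdr, 0x20, sizeof hdr);
    memset(hdr + off, 'A', name_len);
    size_t hdr_len = off + name_len;
    if (terminated)
        hdr[hdr_len++] = 0;
    return copy_header_name(hdr, hdr_len, off, name, sizeof name);
}

int main(void)
{
    printf("511 -> %d, 512 -> %d, unterminated -> %d\n",
           demo(511, 1), demo(512, 1), demo(100, 0));
    return 0;
}
```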

A spokeswoman for the company said there had been "no reports of this type of specially crafted file seen among our customer base."

"This issue has been resolved through the most recent Scan Engine version, version 7.51, that is available for download for customers through the Trend Micro Update Center," she added.

Security company ISS discovered the flaw and said in its advisory that "several ISPs and vendors also use Trend Micro AntiVirus Library and are likely vulnerable."

www.trendmicro.com
www.iss.net

Copyright © SC Magazine, US edition