[Japanese]

JVNDB-2007-000127

CCC Cleaner buffer overflow vulnerability

Overview

CCC Cleaner, provided by Cyber Clean Center between January 25 and February 9, 2007, contains a buffer overflow vulnerability that occurs when it scans UPX-packed executables.

This vulnerability is caused by a buffer overflow vulnerability in the scan processing of UPX compressed executables found in TrendMicro Antivirus. For details of this vulnerability, please refer to TrendMicro's website.

CCC Cleaner is affected by this vulnerability only when the following file is contained in the "CCC Cleaner" folder.

Filenames: lpt$vpn.185

As of February 13, 2006, Trend Micro has announced that the vulnerability "the Anti-Rootkit Common Module (TmComm.sys)" disclosed on February 11, 2006 does not affect CCC Cleaner. For more information, refer to the vendor's website.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 5.4 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: High
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: Complete
Affected Products


Cyber Clean Center
  • CCC Cleaner (CCC pattern Ver:185)
Trend Micro, Inc.
  • Trend Micro Scan Engine 8.000
  • Trend Micro Scan Engine 8.300
  • Virus Search Engine VS API 8.0 later

Impact

Arbitrary code could be executed when CCC Cleaner scans UPX-packed files.
Solution

Vendor Information

Cyber Clean Center Trend Micro, Inc.
CWE (What is CWE?)

CVE (What is CVE?)

  1. CVE-2007-0851
References

  1. JVN : JVNVU#276432 (Japanese)
  2. JVN : JVN#77366274
  3. National Vulnerability Database (NVD) : CVE-2007-0851
  4. US-CERT Vulnerability Note : VU#276432
  5. Secunia Advisory : SA24087
  6. SecurityFocus : 22449
  7. SecurityTracker : 1017601
  8. FrSIRT Advisories : FrSIRT/ADV-2007-0522
Revision History

  • [2008/05/21]
      Web page published