JVNDB-2007-000135

CCC Cleaner buffer overflow vulnerability

Overview

CCC Cleaner, provided by Cyber Clean Center between January 25 and February 9, 2007, contains a buffer overflow vulnerability that occurs when it scans UPX-packed executables.

The flaw originates in Trend Micro Antivirus, whose scan processing of UPX-compressed executables contains a buffer overflow. For details of this vulnerability, please refer to Trend Micro's website.

CCC Cleaner is affected by this vulnerability only when the following file is contained in the "CCC Cleaner" folder.

Filename: lpt$vpn.185

As of February 13, 2006, Trend Micro has announced that the vulnerability in the Anti-Rootkit Common Module (TmComm.sys), disclosed on February 11, 2006, does not affect CCC Cleaner. For more information, refer to the vendor's website.

CVSS Severity

CVSS V2 Severity:
Base Metrics 5.4 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: High
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: Complete

Affected Products

Cyber Clean Center
  • CCC Cleaner (CCC pattern Ver:185)
Trend Micro, Inc.
  • Client / Server / Messaging Security for SMB 3.5
  • Damage Cleanup Services 3.2
  • Trend Micro Anti-Spyware for Consumer 3.5
  • Trend Micro Anti-Spyware for Enterprise 3.0 SP2
  • Trend Micro Anti-Spyware for SMB 3.2 SP1
  • Trend Micro Antivirus 2007
  • Trend Micro PC-cillin Internet Security 2007
  • Virus Buster 2007
  • Worry-Free Business Security 3.5
  • Rootkit Provision Module (TmComm.sys)

Impact

Arbitrary code could be executed when CCC Cleaner scans UPX-packed files.

Solution

Vendor Information

  • Cyber Clean Center
  • Trend Micro, Inc.

CWE

CVE

  1. CVE-2007-0856

References

  1. JVN : JVN#77366274
  2. National Vulnerability Database (NVD) : CVE-2007-0856
  3. US-CERT Vulnerability Note : VU#282240
  4. US-CERT Vulnerability Note : VU#666800
  5. Secunia Advisory : SA24069
  6. SecurityFocus : 22448
  7. ISS X-Force Database : 32353
  8. SecurityTracker : 1017604
  9. SecurityTracker : 1017605
  10. SecurityTracker : 1017606
  11. FrSIRT Advisories : FrSIRT/ADV-2007-0521

Revision History

  • [2008/05/21]
      Web page published