Vulnerability Name:

CVE-2007-1591 (CCN-32985)

Assigned:2007-03-14
Published:2007-03-14
Updated:2018-10-16
Summary:VsapiNT.sys in the Scan Engine 8.0 for Trend Micro AntiVirus 14.10.1041, and other products, allows remote attackers to cause a denial of service (kernel fault and system crash) via a crafted UPX file with a certain field that triggers a divide-by-zero error.
CVSS v3 Severity:5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
5.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
5.4 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:C)
4.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2007-1591

Source: CCN
Type: Trend Micro Solution ID: 1034587
[Vulnerability Response] Blue Screen of Death (BSOD) and product exception in Trend Micro Scan Engines

Source: CONFIRM
Type: Patch, Vendor Advisory
http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034587

Source: IDEFENSE
Type: Vendor Advisory
20070314 Trend Micro Antivirus UPX Parsing Kernel Divide by Zero Vulnerability

Source: CCN
Type: SA24450
Trend Micro Products UPX Processing Denial of Service

Source: CCN
Type: SECTRACK ID: 1017768
Trend Micro Antivirus UPX File Divide By Zero Error Lets Remote Users Deny Service

Source: CCN
Type: OSVDB ID: 34075
Trend Micro Multiple Products VsapiNT.sys UPX Processing DoS

Source: BUGTRAQ
Type: UNKNOWN
20070316 RE: [VulnWatch] iDefense Security Advisory 03.14.07: Trend Micro Antivirus UPX Parsing Kernel Divide by Zero Vulnerability

Source: CCN
Type: BID-22965
Trend Micro Scan Engine UPX File Parsing Remote Denial of Service Vulnerability

Source: SECTRACK
Type: UNKNOWN
1017768

Source: VUPEN
Type: UNKNOWN
ADV-2007-0959

Source: XF
Type: UNKNOWN
trendmicro-upx-dos(32985)

Source: CCN
Type: iDefense Labs PUBLIC ADVISORY: 03.14.07
Trend Micro Antivirus UPX Parsing Kernel Divide by Zero Vulnerability

Vulnerable Configuration:Configuration 1:
  • cpe:/a:trend_micro:trend_micro_antivirus:14.10.1041:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:trend_micro:scanmail:2.51::domino:*:*:*:*:*
  • OR cpe:/a:trend_micro:scanmail:10.2::~~~microsoft_exchange~~:*:*:*:*:*
  • OR cpe:/a:trend_micro:serverprotect:linux:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:serverprotect:windows:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:portalprotect:1.2::sharepoint:*:*:*:*:*
  • OR cpe:/a:trend_micro:pc-cillin_internet_security:14_14.00.1485:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_webprotect:gold::isa:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_webmanager:1.2:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_web_security_suite:gold::solaris:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_web_security_suite:gold::windows:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_web_security_suite:::linux:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:3.0.1::linux:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:3.52::windows:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:gold::aix:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:3.6::solaris:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:gold::smb:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_emanager:3.5.2::windows:*:*:*:*:*
  • OR cpe:/a:trendmicro:trend_micro_control_manager:6.0:sp3:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:officescan:11.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    trend_micro trend micro antivirus 14.10.1041
    trend_micro scanmail 2.51
    trend_micro scanmail 10.2
    trend_micro serverprotect linux
    trend_micro serverprotect windows
    trend_micro portalprotect 1.2
    trend_micro pc-cillin internet security 14_14.00.1485
    trend_micro interscan webprotect gold
    trend_micro interscan webmanager 1.2
    trend_micro interscan web security suite gold
    trend_micro interscan web security suite gold
    trend_micro interscan web security suite
    trend_micro interscan viruswall 3.0.1
    trend_micro interscan viruswall 3.52
    trend_micro interscan viruswall gold
    trend_micro interscan viruswall 3.6
    trend_micro interscan viruswall gold
    trend_micro interscan emanager 3.5.2
    trendmicro trend micro control manager 6.0 sp3
    trend_micro officescan 11.0