February 24th, 2005, 04:32 PM
Trend Micro buffer overflow.
For all of you the use the Trend Micro scan engine, the following information has been released:
The Trend Micro VSAPI scan engine library is prone to a heap-based buffer overflow vulnerability. This vulnerability may be triggered when the library processes a malformed ARJ archive.
The vulnerability affects multiple Trend Micro products. It is also noted that multiple attack vectors exist, as affected software may scan ARJ files in email attachments, and through various file transfer protocols.