• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: Trend Micro Multiple Products Network Security Component Modules Multiple Vulnerabilities

Severity: CRITICAL

Description:

Multiple products from Trend Micro are prone to multiple security vulnerabilities that affect the Network Security Component modules:

1. The 'ApiThread()' function of the Trend Micro Personal Firewall service ('TmPfw.exe') contains a denial-of-service vulnerability. Attackers can exploit this issue by sending packets with a large value in the size field to the service over TCP port 40000.

2. The 'ApiThread()' function of the Trend Micro Personal Firewall service ('TmPfw.exe') contains a heap-overflow vulnerability. Attackers can exploit this issue by sending packets with a small value in the size field to the service over TCP port 40000.

3. Attackers can gain access to and modify the firewall configuration files by sending specially crafted packets to the service over TCP port 40000. Note that attackers can exploit this issue even if access to the management interface has been restricted by a password.

Successful exploits may allow attackers to crash the application, execute arbitrary code with SYSTEM privileges, or bypass security.

These issues affect the following:

Trend Micro OfficeScan Corporate Edition 8.0 SP1 Patch 1
Trend Micro Internet Security 2008
Trend Micro Internet Security Pro 2008
Trend Micro PC-cillin Internet Security 2007

Affected Products:

• Trend Micro Internet Security 2008
• Trend Micro Internet Security Pro 2008
• Trend Micro OfficeScan Corporate Edition 8.0 SP1 Patch 1
• Trend Micro PC-Cillin Internet Security 2007

References:

• Secunia: Trend Micro NSC Firewall Configuration Vulnerability
• Secunia: Trend Micro Network Security Component Vulnerabilities
• Trend Micro: Trend Micro OfficeScan Homepage
• Trend Micro: Trend Micro(TM) OfficeScan(TM) Critical Patch - Server Build 3191 and NSC module

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.