Trend Micro Antivirus UPX Compressed PE File Buffer Overflow Vulnerability

Trend Micro Antivirus UPX Compressed PE File Buffer Overflow Vulnerability

Trend Micro Antivirus is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.

This issue occurs when the application processes compressed UPX files.

Successsful exploits will result in attacker-supplied arbitrary code running with elevated privileges, resulting in the complete compromise of affected computers. Failed exploit attempts will likely cause denial-of-service conditions.

This issue affects all Trend Micro products and versions using the Scan Engine and Pattern File technology.