Stack-based buffer overflow in vstlib32.dll 1.2.0.1012 in the SSAPI Engine 5.0.0.1066 up to and including 5.2.0.1012 in Trend Micro AntiSpyware 3.5 and PC-Cillin Internet Security 2007 15.0 up to and including 15.3, when the Venus Spy Trap (VST) feature is enabled, allows local users to cause a denial of service (service crash) or execute arbitrary code via a file with a long pathname, which triggers the overflow during a ReadDirectoryChangesW callback notification.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
trend micro antispyware 3.5 |
||
trend micro pc-cillin internet security 2007 15.0 |
||
trend micro pc-cillin internet security 2007 15.2 |
||
trend micro pc-cillin internet security 2007 15.2_patch |
||
trend micro pc-cillin internet security 2007 15.3 |