Vulnerabilities Galore

Trend Micro has confirmed the existence of a vulnerability of its scan engine. When scanning a corrupted UPX-packed file, a buffer overflow occurs, which can cause the dreaded blue screen of death, or worse, an arbitrary code execution.

All Trend Micro products that uses the said scan engine (version 8.3xx) are affected.

If you are an affected Trend Micro user, make sure your pattern file is not lower than 4.245.00.

Trend Micro has credited iDefense for the discovery of such vulnerability. Here is the iDefense report.

Another vulnerability exists, this time on its Anti-Rootkit module. When exploited, it allows for an elevation of privilege and execution of arbitrary code.

Updating the module to 1.600-1052 will resolve this vulnerability.

Here is the iDefense report for the said vulnerability.

Two new vulnerabilities are also discovered for the Web browser FireFox, this time by SecuriTeam. The first one involves the pop-up blocker. This vulnerability is a little complicated, but in the simplest sense, exploiting this flaw allows for reading local files arbitrarily.

Upgrading to version 2, or turning the pop-up blocker on may solve this problem. Note that the report does not mention if version 2 is affected.

The second vulnerability centers on the anti-phishing feature and affects only version 2. In this flaw, a phisher can trick the browser that a fraudulent site is safe (instead of flagging it as a phishing site) by adding particular characters in the site’s URL.

There are no known workarounds for this one. Be careful in doing online transactions, and check the URL very well.

Mozilla has yet to issue a reaction and/or patch for both security issues.