cpe:/a:trend_micro:trend_micro_antivirus_plus_antispyware:2008:bld_1450 cpe:/a:trend_micro:trend_micro_internet_security__virus_bust:2008:bld_1451 cpe:/a:trend_micro:trend_micro_internet_security_pro CVE-2007-6386 2007-12-14T21:46:00.000-05:00 2017-08-07T21:29:07.697-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2007-12-17T14:07:00.000-05:00 ALLOWS_ADMIN_ACCESS SECTRACK 1019079 SECUNIA 28038 OSVDB 39769 OSVDB 39770 VUPEN ADV-2007-4191 CONFIRM http://esupport.trendmicro.com/support/viewxml.do?ContentID=1036464 MISC http://secway.org/advisory/AD20071211.txt XF trendmicro-pccscan-zip-bo(38982) Stack-based buffer overflow in PccScan.dll before build 1451 in Trend Micro AntiVirus plus AntiSpyware 2008, Internet Security 2008, and Internet Security Pro 2008 allows user-assisted remote attackers to cause a denial of service (SfCtlCom.exe crash), and allows local users to gain privileges, via a malformed .zip archive with a long name, as demonstrated by a .zip file created via format string specifiers in a crafted .uue file.