CVE-2006-6458
Last modified
CVE-2006-6458 is a vulnerability of currently unknown severity. The Trend Micro scan engine before 8.320 for Windows and before 8.150 on HP-UX and AIX, as used in Trend Micro PC Cillin - Internet Security 2006, Office Scan 7.3, and Server Protect 5.58, allows remote attackers to cause a denial of service (CPU consumption and system hang) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero, which triggers an infinite loop.. EPSS estimates a 2.52% chance of exploitation in the next 30 days.
Description
The Trend Micro scan engine before 8.320 for Windows and before 8.150 on HP-UX and AIX, as used in Trend Micro PC Cillin - Internet Security 2006, Office Scan 7.3, and Server Protect 5.58, allows remote attackers to cause a denial of service (CPU consumption and system hang) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero, which triggers an infinite loop.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Trend Micro | Officescan | 7.3 |
| Trend Micro | Pc Cillin - Internet Security 2006 | All versions |
| Trend Micro | Serverprotect | 5.58 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2006-6458?
How severe is CVE-2006-6458?
How do I fix CVE-2006-6458?
Are you affected by CVE-2006-6458?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST