There are many exploitable buffer overflaw flaws in a couple of products from Trend Micro according to a study by iDefense Labs.
The two products which have the flaws are their anti-spyware for desktop PCs and notebooks and their software called ServerProtect anti-virus software which are designed for both Windows and NetWare servers.
One of the errors in ServerProtect is about the StRpcSrv.dll library.
In their anti-spyware product, an attacker can trigger an overflow when by making a file with a very long path.
A Trend Micro spokesman said, “We appreciate third-party researchers alerting us to product issues, and Trend Micro retains a long-standing reputation of providing our customer base with the patches necessary to keep them secure.”
Source: SC Magazine