CVE-2007-3873

EPSS 0.08% · P23 Updated Feb 27, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-3873

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Stack-based buffer overflow in vstlib32.dll 1.2.0.1012 in the SSAPI Engine 5.0.0.1066 through 5.2.0.1012 in Trend Micro AntiSpyware 3.5 and PC-Cillin Internet Security 2007 15.0 through 15.3, when the Venus Spy Trap (VST) feature is enabled, allows local users to cause a denial of service (service crash) or execute arbitrary code via a file with a long pathname, which triggers the overflow during a ReadDirectoryChangesW callback notification.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Trend Micro Anti-Spyware和PC-cillin SSAPI引擎本地栈溢出漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Anti-Spyware和PC-cillin都是趋势科技发布的杀毒软件产品。 Anti-Spyware和PC-cillin的vstlib32.dll库中的VST函数中存在栈溢出漏洞，远程攻击者可能利用此漏洞控制用户系统。如果攻击者在本地文件系统创建了有超长路径(超过max_path字符限制)的文件的话，则vstlib32从操作系统接收到了ReadDirectoryChangesW回调通知的时候就会在SSAPI模块中触发栈溢出，导致以系统权限执行任意指令。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2007-3873

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2007-3873

请登录查看更多情报信息。

http://esupport.trendmicro.com/support/consumer/search.do?cmd=displayKC&externalId=PUB-en-1035845x_refsource_CONFIRM
http://www.securityfocus.com/bid/25388vdb-entryx_refsource_BID
http://secunia.com/advisories/26557third-party-advisoryx_refsource_SECUNIA
http://securitytracker.com/id?1018592vdb-entryx_refsource_SECTRACK
http://www.vupen.com/english/advisories/2007/2935vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/36144vdb-entryx_refsource_XF
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=586third-party-advisoryx_refsource_IDEFENSE
https://nvd.nist.gov/vuln/detail/CVE-2007-3873

Same Patch Batch · n/a · 2007-08-22 · 18 CVEs total

CVE-2007-4483		WordPress theme'index.php'跨站脚本攻击漏洞
CVE-2007-4455		Asterisk SIP对话历史记录资源耗尽漏洞
CVE-2007-4490		Windows平台Trend Micro ServerProtect'EarthAgent.exe'多个缓冲区溢出漏洞
CVE-2007-4489		eCentrex VOIP Client UACOMX.OCX ActiveX控件栈溢出漏洞
CVE-2007-4488		Siemens Gigaset SE361 WLAN 固件多个跨站脚本攻击漏洞
CVE-2007-4487		Invision Power Board 'D22-Shoutbox'跨站脚本攻击漏洞
CVE-2007-4486		Linkliste'index.php'多个PHP远程文件包含漏洞
CVE-2007-4485		Butterfly 'visitor.php'PHP远程文件包含漏洞
CVE-2007-4484		My_REFERER'login.php'PHP远程文件包含漏洞
CVE-2007-4218		Trend Micro ServerProtect多个RPC调用远程缓冲区溢出漏洞
CVE-2007-4482		WordPress Pool'index.php'跨站脚本攻击漏洞
CVE-2007-4481		Blix 'index.php'跨站脚本攻击漏洞
CVE-2007-4480		WordPress Sirius'index.php'跨站脚本攻击漏洞
CVE-2007-4479		Search Engine Builder'search.html'跨站脚本攻击漏洞
CVE-2007-4478		Microsoft Internet Explorer 安全漏洞
CVE-2007-4477		Planet VC-200M VDSL2管理界面 HTTP请求拒绝服务漏洞
CVE-2007-4219		Trend Micro ServerProtect RPCFN_SYNC_TASK远程整数溢出漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2007-3873

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2007-3873

I. Basic Information for CVE-2007-3873

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2007-3873

III. Intelligence Information for CVE-2007-3873

Same Patch Batch · n/a · 2007-08-22 · 18 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2007-3873

Leave a comment