PT-2007-5104 · Trend Micro · SSAPI Engine +3

Published: 2007-08-22 · Updated: 2017-07-29 · CVE-2007-3873

CVSS v2.0: 6.9 (Medium)

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions:
Trend Micro AntiSpyware version 3.5
PC-Cillin Internet Security versions 15.0 through 15.3
SSAPI Engine versions 5.0.0.1066 through 5.2.0.1012
vstlib32.dll version 1.2.0.1012

Description: A stack-based buffer overflow occurs in vstlib32.dll when the Venus Spy Trap (VST) feature is enabled. A file with a long pathname triggers the overflow during a ReadDirectoryChangesW callback notification, potentially allowing local users to cause a denial of service or execute arbitrary code.

Recommendations:
For Trend Micro AntiSpyware version 3.5, disable the Venus Spy Trap (VST) feature to prevent exploitation.
For PC-Cillin Internet Security versions 15.0 through 15.3, restrict access to the VST feature until a patch is available.
For SSAPI Engine versions 5.0.0.1066 through 5.2.0.1012, consider disabling the ReadDirectoryChangesW callback notification as a temporary workaround.
For vstlib32.dll version 1.2.0.1012, avoid using long pathnames in files to minimize the risk of triggering the buffer overflow.

Fix


Related identifiers

CVE-2007-3873

Affected products

PC-Cillin Internet Security
SSAPI Engine
Trend Micro AntiSpyware
vstlib32.dll