CVE-2006-0642
NVD-CWE-OtherPublished: February 10, 2006· Updated: Jun 16, 2026
Official Description
Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a default configuration setting of "Do not scan compressed files when Extracted file count exceeds 500 files," which may be too low in certain circumstances, which allows remote attackers to bypass anti-virus checks by sending compressed archives containing many small files. NOTE: since this is related to a configuration setting that has an operational impact that might vary depending on the environment, and the product is claimed to report a message when the compressed file exceeds specified limits, perhaps this should not be included in CVE.
Technical Analysis
CVE-2006-0642 can be exploited remotely over the network without requiring physical or adjacent access, significantly expanding the attack surface for threat actors.
Exploitation requires some privileges, which limits the exposure to scenarios where an attacker has already gained initial access.
CVSS v3.1 Vector Breakdown
Affected Vendors & Products
Exploit & PoC Resources
Official Patches & Advisories
All References (18)
Quick Facts
Related CVEs (NVD-CWE-Other)
Recommended Actions
- →Apply vendor patches immediately
- →Monitor CVE-2006-0642 in threat intel feeds
- →Review IDS/IPS signatures for exploitation attempts