10

CVE-2007-1070

Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback functions in (a) StCommon.dll, and (4) ENG_SetRealTimeScanConfigInfo and (5) ENG_SendEMail functions in (b) eng50.dll.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Trend MicroServerprotect Version5.58 Editionemc
   MicrosoftWindows 2000
   MicrosoftWindows 2003 Server Versionr2
   MicrosoftWindows 2003 Server Versionsp2
   MicrosoftWindows Nt
   MicrosoftWindows Vista Edition32_bit
   MicrosoftWindows Xp Updategold
Trend MicroServerprotect Version5.58 Editionemc
Trend MicroServerprotect Version5.61 Editionnetwork_appliance_filer
Trend MicroServerprotect Version5.62 Editionnetwork_appliance_filer
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 73.77% 0.994
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290
Patch
Vendor Advisory
http://osvdb.org/33042
http://secunia.com/advisories/24243
http://www.kb.cert.org/vuls/id/349393
US Government Resource
http://www.kb.cert.org/vuls/id/466609
US Government Resource
http://www.kb.cert.org/vuls/id/630025
US Government Resource
http://www.kb.cert.org/vuls/id/730433
US Government Resource
http://www.securityfocus.com/archive/1/460686/100/0/threaded
http://www.securityfocus.com/archive/1/460690/100/0/threaded
http://www.securityfocus.com/bid/22639
http://www.securitytracker.com/id?1017676
http://www.tippingpoint.com/security/advisories/TSRT-07-01.html
Vendor Advisory
http://www.tippingpoint.com/security/advisories/TSRT-07-02.html
Vendor Advisory
http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch1_readme.txt
Vendor Advisory
http://www.vupen.com/english/advisories/2007/0670
https://exchange.xforce.ibmcloud.com/vulnerabilities/32594
https://exchange.xforce.ibmcloud.com/vulnerabilities/32601