Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback functions in (a) StCommon.dll, and (4) ENG_SetRealTimeScanConfigInfo and (5) ENG_SendEMail functions in (b) eng50.dll.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
|
History
21 Nov 2024, 00:27
Type | Values Removed | Values Added |
---|---|---|
References | () http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290 - Patch, Vendor Advisory | |
References | () http://osvdb.org/33042 - | |
References | () http://secunia.com/advisories/24243 - | |
References | () http://www.kb.cert.org/vuls/id/349393 - US Government Resource | |
References | () http://www.kb.cert.org/vuls/id/466609 - US Government Resource | |
References | () http://www.kb.cert.org/vuls/id/630025 - US Government Resource | |
References | () http://www.kb.cert.org/vuls/id/730433 - US Government Resource | |
References | () http://www.securityfocus.com/archive/1/460686/100/0/threaded - | |
References | () http://www.securityfocus.com/archive/1/460690/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/22639 - | |
References | () http://www.securitytracker.com/id?1017676 - | |
References | () http://www.tippingpoint.com/security/advisories/TSRT-07-01.html - Vendor Advisory | |
References | () http://www.tippingpoint.com/security/advisories/TSRT-07-02.html - Vendor Advisory | |
References | () http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch1_readme.txt - Vendor Advisory | |
References | () http://www.vupen.com/english/advisories/2007/0670 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/32594 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/32601 - |
Information
Published : 2007-02-21 11:28
Updated : 2024-11-21 00:27
NVD link : CVE-2007-1070
Mitre link : CVE-2007-1070
CVE.ORG link : CVE-2007-1070
JSON object : View
Products Affected
microsoft
- windows_vista
- windows_nt
- windows_xp
- windows_2000
- windows_2003_server
trend_micro
- serverprotect
CWE