Trend Micro ServerProtect contains a stack-based buffer overflow.
Trend Micro ServerProtect fails to properly handle data passed to the ENG_SendEMail()
routine possibly allowing a stack-based buffer overflow to occur. This overflow can be triggered by sending a specially crafted RPC packet to an affected Trend Micro ServerProtect installation.
For more information refer to Trend Micro Solution ID: 1034290.
A remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system.
Apply a patch
Trend Micro has addressed this vulnerability with Security Patch 1- Build 1171.
349393
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Updated: February 21, 2007
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to <http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290> and <http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch1_readme.txt>.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23349393 Feedback>).
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
This vulnerability was reported by Pedram Amini of Tipping Point Security Research Team.
This document was written by Jeff Gennari.
CVE IDs: | CVE-2007-1070 |
---|---|
Severity Metric: | 28.69 Date Public: |