Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-4218
HistoryAug 22, 2007 - 11:17 p.m.

CVE-2007-4218

2007-08-2223:17:00
CWE-119
CWE-20
CWE-189
[email protected]
web.nvd.nist.gov
18
cve-2007-4218
trend micro
serverprotect
buffer overflow
remote code execution
rpc
tcp ports
security patch

7.6 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.967 High

EPSS

Percentile

99.7%

JSON

Multiple buffer overflows in the ServerProtect service (SpntSvc.exe) in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allow remote attackers to execute arbitrary code via certain RPC requests to certain TCP ports that are processed by the (1) RPCFN_ENG_NewManualScan, (2) RPCFN_ENG_TimedNewManualScan, and (3) RPCFN_SetComputerName functions in (a) StRpcSrv.dll; the (4) RPCFN_CMON_SetSvcImpersonateUser and (5) RPCFN_OldCMON_SetSvcImpersonateUser functions in (b) Stcommon.dll; the (6) RPCFN_ENG_TakeActionOnAFile and (7) RPCFN_ENG_AddTaskExportLogItem functions in © Eng50.dll; the (8) NTF_SetPagerNotifyConfig function in (d) Notification.dll; or the (9) RPCFN_CopyAUSrc function in the (e) ServerProtect Agent service.

Related

securityvulns 3
checkpoint_advisories 2
saint 12
prion 1
zdi 1
cert 2
nessus 1
securityvulns
securityvulns
ZDI-07-050: Trend Micro ServerProtect RPCFN_SetComputerName() Stack Overflow Vulnerability
2007-09-11 00:00:00
iDefense Security Advisory 08.21.07: Trend Micro ServerProtect Multiple Buffer Overflow Vulnerabilities
2007-08-22 00:00:00
Trend Micro antiviral products multiple security vulnerabilities
2007-09-11 00:00:00
checkpoint_advisories
checkpoint_advisories
Update Protection against Multiple Trend Micro ServerProtect Buffer Overflow Vulnerabilities
2007-09-18 00:00:00
Trend Micro ServerProtect RPC Multiple Buffer Overflows (CVE-2007-1070; CVE-2007-2508; CVE-2007-4218)
2007-03-14 00:00:00
saint
saint
Trend Micro ServerProtect RPCFN_CMON_SetSvcImpersonateUser buffer overflow
2007-12-28 00:00:00
Trend Micro ServerProtect RPC NTF_SetPagerNotifyConfig buffer overflow
2007-08-23 00:00:00
Trend Micro ServerProtect RPCFN_CMON_SetSvcImpersonateUser buffer overflow
2007-12-28 00:00:00
prion
prion
Buffer overflow
2007-08-22 23:17:00
zdi
zdi
Trend Micro ServerProtect RPCFN_SetComputerName() Stack Overflow Vulnerability
2007-09-07 00:00:00
cert
cert
Trend Micro ServerProtect RPC buffer overflows
2007-08-23 00:00:00
Trend Micro ServerProtect Agent service RPC stack-buffer overflow
2007-08-23 00:00:00
nessus
nessus
Trend Micro ServerProtect Multiple Remote Overflows
2007-08-22 00:00:00

7.6 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.967 High

EPSS

Percentile

99.7%

JSON
Related for CVE-2007-4218
securityvulns3checkpoint_advisories2saint12prion1zdi1cert2nessus1