Serverprotect Security Vulnerabilities and Issues — Serverprotect CVE List

Lucene search

Trend MicroServerprotect

25 matches found

CVE•added 2006/02/10 11:2 a.m.•63 views

CVE-2006-0642

Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a default configuration setting of "Do not scan compressed files when Extracted file count exceeds 500 files," which may be too low in certain circumstances, which allows remote at...

5.1CVSS6.8AI score0.00842EPSS

CVE•added 2007/12/20 11:46 p.m.•58 views

CVE-2007-6507

SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes unspecified dangerous sub-functions from StRpcSrv.dll in the DCE/RPC interface, which allows remote attackers to obtain "full file system access" and execute arbitrary code.

10CVSS7.4AI score0.7136EPSS

CVE•added 2007/02/21 11:28 a.m.•53 views

CVE-2007-1070

Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (...

10CVSS7.5AI score0.78115EPSS

CVE•added 2007/05/08 11:19 p.m.•46 views

CVE-2007-2508

Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to (1) TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in Sp...

10CVSS7.7AI score0.68877EPSS

CVE•added 2008/11/17 11:30 p.m.•45 views

CVE-2007-0072

Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a read operation over RPC.

10CVSS8.1AI score0.25203EPSS

CVE•added 2007/03/02 9:18 p.m.•43 views

CVE-2007-1168

Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 allows remote attackers to access arbitrary web pages and reconfigure the product via HTTP requests with the splx_2376_info cookie to the web interface port (14942/tcp).

7.5CVSS6.8AI score0.01341EPSS

CVE•added 2005/12/14 9:3 p.m.•42 views

CVE-2005-1929

Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via "wrapped" length values in Chu...

7.5CVSS7.3AI score0.04754EPSS

CVE•added 2008/11/17 11:30 p.m.•42 views

CVE-2007-0073

10CVSS8.1AI score0.25203EPSS

CVE•added 2007/02/08 6:28 p.m.•41 views

CVE-2007-0851

Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable.

9.3CVSS7.8AI score0.34983EPSS

CVE•added 2007/05/08 11:19 p.m.•41 views

CVE-2007-2528

Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for Windows before Security Patch 3 Build 1176 allows remote attackers to execute arbitrary code via unknown vectors related to RPC requests. NOTE: this is probably a different vulnerability than CVE-2007-2508.

10CVSS7.7AI score0.68877EPSS

CVE•added 2007/08/22 11:17 p.m.•41 views

CVE-2007-4219

Integer overflow in the RPCFN_SYNC_TASK function in StRpcSrv.dll, as used by the ServerProtect service (SpntSvc.exe), in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a certain integer field in a request packet to TCP port 5...

10CVSS7.9AI score0.39624EPSS

CVE•added 2008/11/17 11:30 p.m.•39 views

CVE-2008-0012

10CVSS8AI score0.12196EPSS

CVE•added 2007/03/02 9:18 p.m.•38 views

CVE-2007-1169

The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 accepts logon requests through unencrypted HTTP, which might allow remote attackers to obtain credentials by sniffing the network.

5CVSS6.7AI score0.00223EPSS

CVE•added 2005/12/14 8:7 p.m.•37 views

CVE-2005-1930

Directory traversal vulnerability in the Crystal Report component (rptserver.asp) in Trend Micro ServerProtect Management Console 5.58, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, and possibly earlier versions, allows remote attackers to read arbitrary files via the IMAGE ...

5CVSS6.8AI score0.00873EPSS

CVE•added 2008/11/17 11:30 p.m.•37 views

CVE-2006-5269

Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, probably related to an RPC interface.

10CVSS8.2AI score0.21709EPSS

CVE•added 2007/09/12 1:17 a.m.•36 views

CVE-2007-4731

Stack-based buffer overflow in the TMregChange function in TMReg.dll in Trend Micro ServerProtect before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 5005.

10CVSS7.7AI score0.35606EPSS

CVE•added 2006/12/11 5:28 p.m.•35 views

CVE-2006-6458

The Trend Micro scan engine before 8.320 for Windows and before 8.150 on HP-UX and AIX, as used in Trend Micro PC Cillin - Internet Security 2006, Office Scan 7.3, and Server Protect 5.58, allows remote attackers to cause a denial of service (CPU consumption and system hang) via a malformed RAR arc...

7.8CVSS7AI score0.00744EPSS

CVE•added 2008/11/17 11:30 p.m.•34 views

CVE-2007-0074

10CVSS8.1AI score0.25203EPSS

CVE•added 2008/11/17 11:30 p.m.•34 views

CVE-2008-0014

10CVSS8AI score0.12196EPSS

CVE•added 2007/05/09 12:19 a.m.•33 views

CVE-2007-2533

Multiple buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2- Build 1174 allow remote attackers to execute arbitrary code via a crafted RPC message processed by the (1) the RPCFN_ActiveRollback function in (a) stcommon.dll, or the (2) ENG_SetRealTimeScanConfigInfo or (3) ENG_...

10CVSS7.7AI score0.1907EPSS

CVE•added 2007/08/22 11:17 p.m.•33 views

CVE-2007-4218

Multiple buffer overflows in the ServerProtect service (SpntSvc.exe) in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allow remote attackers to execute arbitrary code via certain RPC requests to certain TCP ports that are processed by the (1) RPCFN_ENG_NewManualScan, (2) RPCFN_...

10CVSS7.5AI score0.58475EPSS

CVE•added 2008/11/17 11:30 p.m.•32 views

CVE-2008-0013

10CVSS8AI score0.12196EPSS

CVE•added 2005/05/02 4:0 a.m.•31 views

CVE-2005-0533

Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure.

7.5CVSS7.9AI score0.06973EPSS

CVE•added 2008/11/17 11:30 p.m.•30 views

CVE-2006-5268

Unspecified vulnerability in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via vectors related to obtaining "administrative access to the RPC interface."

10CVSS7.6AI score0.15235EPSS

CVE•added 2007/08/22 11:17 p.m.•28 views

CVE-2007-4490

Multiple buffer overflows in EarthAgent.exe in Trend Micro ServerProtect 5.58 for Windows before Security Patch 4 allow remote attackers to have an unknown impact via certain RPC function calls to (1) RPCFN_EVENTBACK_DoHotFix or (2) CMD_CHANGE_AGENT_REGISTER_INFO.

10CVSS7AI score0.00941EPSS