Lucene search
K
Trend MicroServerprotect

25 matches found

CVE
CVE
added 2007/02/21 11:0 a.m.76 views

CVE-2007-1070

Trend Micro ServerProtect RPC overflow CVE-2007-1070 affects ServerProtect for Windows/EMC 5.58 and Network Appliance Filer 5.61/5.62. A boundary/stack-based overflow in the RPC handling of TmRpcSrv.dll (via CMON_NetTestConnection, CMON_ActiveUpdate, CMON_ActiveRollback in StCommon.dll and ENG_Se...

10CVSS7.5AI score0.73767EPSS
Web
CVE
CVE
added 2006/02/10 11:0 a.m.75 views

CVE-2006-0642

Technical details about CVE-2006-0642 are not publicly provided in the connected documents. No explicit affected products/versions/exploit info are present. Monitor for updated advisories to obtain concrete risk, impact, and remediation guidance.

5.1CVSS6.8AI score0.01874EPSS
CVE
CVE
added 2007/12/20 11:0 p.m.69 views

CVE-2007-6507

CVE-2007-6507 affects Trend Micro ServerProtect on Windows (5.58) prior to Security Patch 4. The vulnerability exists in the SpntSvc.exe RPC service, which exposes dangerous sub-functions from StRpcSrv.dll via the DCE/RPC interface, allowing remote attackers to obtain full filesystem access and e...

10CVSS7.4AI score0.36648EPSS
Web
CVE
CVE
added 2007/05/08 11:0 p.m.62 views

CVE-2007-2528

Summary: CVE-2007-2528 concerns a buffer overflow in Trend Micro ServerProtect 5.58 for Windows prior to Security Patch 3 Build 1176, via RPC-related vectors in AgRpcCln.dll. Connected documents provide concrete details for related vulnerability CVE-2007-2508, including multiple stack-based overf...

10CVSS7.7AI score0.03731EPSS
CVE
CVE
added 2007/02/08 6:0 p.m.59 views

CVE-2007-0851

CVE-2007-0851 describes a buffer overflow in Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, exploitable when processing UPX-packed executables (as used in CCC Cleaner). The CCC Cleaner component is affected when the UPX-packed file is scanned, enabling arbitrary code ...

9.3CVSS7.8AI score0.083EPSS
CVE
CVE
added 2008/11/17 11:0 p.m.57 views

CVE-2007-0072

Trend Micro ServerProtect 5.7 and 5.58 are affected by a heap-based buffer overflow in an unspecified RPC-related procedure that may allow remote code execution. The vulnerability affects the RPC handling path and could enable arbitrary commands to run with the ServerProtect account or an adminis...

10CVSS8.1AI score0.08445EPSS
CVE
CVE
added 2007/05/08 11:0 p.m.57 views

CVE-2007-2508

CVE-2007-2508 describes two remote, stack-based buffer overflow flaws in Trend Micro ServerProtect 5.58 that can be triggered via RPC on TCP ports 5168 (AgRpcClient::CreateBinding in SpntSvc.exe) and 3628 (EarthAgent.exe, reachable via TmRpcSrv.dll). Exploitation could allow arbitrary code execut...

10CVSS7.7AI score0.77194EPSS
CVE
CVE
added 2005/12/14 9:0 p.m.55 views

CVE-2005-1929

Trend Micro ServerProtect Management Console (versions 5.58 and earlier, used in Control Manager 2.5/3.0 and Damage Cleanup Server 1.1) is affected by heap-based buffer overflows in two ISAPI DLLs, isaNVWRequest.dll and relay.dll, triggered by processing large chunked POST requests with wrapped l...

7.5CVSS7.3AI score0.04944EPSS
CVE
CVE
added 2007/02/28 3:0 p.m.53 views

CVE-2007-1168

The CVE-2007-1168 issue affects Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 prior to 20070216. Multiple connected documents confirm a cookie-based authentication bypass on the web interface (port 14942/tcp) via the splx_2376_info cookie, allowing remote attackers to access arbit...

7.5CVSS6.8AI score0.02444EPSS
CVE
CVE
added 2007/08/22 11:0 p.m.52 views

CVE-2007-4219

Trend Micro ServerProtect for Windows contains an integer overflow in RPCFN_SYNC_TASK (StRpcSrv.dll) used by the SpntSvc.exe service, exploitable by remote attackers via malformed requests to 5168/tcp. The flaw can trigger a heap-based buffer overflow and arbitrary code execution. Affected versio...

10CVSS7.9AI score0.10469EPSS
CVE
CVE
added 2008/11/17 11:0 p.m.52 views

CVE-2008-0012

This CVE set concerns Trend Micro ServerProtect 5.7 and 5.58, with CVE-2008-0013 and CVE-2008-0014 described as heap-based buffer overflows in an unspecified procedure that allow remote code execution via unknown vectors, potentially related to product configuration. The connected documents provi...

10CVSS8AI score0.06751EPSS
CVE
CVE
added 2005/02/24 5:0 a.m.51 views

CVE-2005-0533

CVE-2005-0533: Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI prior to 7.510, used across multiple Trend Micro products. An overly long ARJ header file name can overrun a buffer in the ARJ parsing path, enabling remote code execution when a crafted ARJ archive is scanned. Affec...

7.5CVSS7.9AI score0.04409EPSS
CVE
CVE
added 2008/11/17 11:0 p.m.51 views

CVE-2007-0073

CVE-2007-0073 describes a heap-based buffer overflow in Trend Micro ServerProtect 5.7 and 5.58 . The vulnerability lies in an unspecified procedure, allowing remote attackers to execute arbitrary code, with potential vectors tied to a file read operation over RPC. The issue is characterized as a ...

10CVSS8.1AI score0.08445EPSS
CVE
CVE
added 2008/11/17 11:0 p.m.49 views

CVE-2006-5269

CVE-2006-5269 describes a heap-based buffer overflow in an unspecified procedure of Trend Micro ServerProtect 5.7 and 5.58. The flaw is remote-accessible, likely related to an RPC interface, and can allow an attacker to execute arbitrary code. Affected products: Trend Micro ServerProtect 5.7 and ...

10CVSS8.2AI score0.08445EPSS
CVE
CVE
added 2007/02/28 3:0 p.m.48 views

CVE-2007-1169

CVE-2007-1169 affects Trend Micro ServerProtect for Linux (SPLX) versions 1.25, 1.3, and 2.5 prior to 20070216. The web interface accepts logon requests over unencrypted HTTP, which could allow remote attackers to obtain user credentials by sniffing network traffic. This is the only vulnerability...

5CVSS6.7AI score0.01574EPSS
CVE
CVE
added 2007/09/12 1:0 a.m.48 views

CVE-2007-4731

The CVE-2007-4731 vulnerability affects Trend Micro ServerProtect, specifically the TMregChange function in TMreg.dll. A stack-based buffer overflow is caused by improper bounds checking when processing crafted data sent to port 5005/TCP, enabling remote code execution with SYSTEM privileges. It ...

10CVSS7.7AI score0.09561EPSS
CVE
CVE
added 2005/12/14 8:0 p.m.47 views

CVE-2005-1930

CVE-2005-1930 affects Trend Micro ServerProtect Management Console 5.58 (used with Control Manager 2.5/3.0 and Damage Cleanup Server 1.1). The issue is an input validation flaw in rptserver.asp handling the IMAGE parameter, enabling directory traversal and remote viewing of arbitrary files on the...

5CVSS6.8AI score0.01916EPSS
CVE
CVE
added 2006/12/11 5:0 p.m.47 views

CVE-2006-6458

The CVE-2006-6458 entry affects the Trend Micro scan engine before 8.320 on Windows and before 8.150 on HP-UX/AIX, used in Trend Micro PC Cillin Internet Security 2006, Office Scan 7.3, and Server Protect 5.58. Root cause: processing a malformed RAR archive where the Archive Header head_size and ...

7.8CVSS7AI score0.02521EPSS
CVE
CVE
added 2007/08/22 11:0 p.m.47 views

CVE-2007-4218

Trend Micro ServerProtect for Windows is affected by a buffer overflow in the SpntSvc RPC interface (port 5168) triggered via RPCFN_CMON_SetSvcImpersonateUser in Stcommon.dll, allowing remote code execution. Public sources detail this vulnerability as CVE-2007-4218 and identify the vulnerable com...

10CVSS7.5AI score0.13021EPSS
CVE
CVE
added 2008/11/17 11:0 p.m.46 views

CVE-2007-0074

Trend Micro ServerProtect versions 5.7 and 5.58 contain a heap-based buffer overflow in an unspecified procedure, allowing remote code execution via unknown vectors (possibly related to a folder read operation over RPC). Affected product is Trend Micro ServerProtect; root cause is a heap overflow...

10CVSS8.1AI score0.08445EPSS
CVE
CVE
added 2008/11/17 11:0 p.m.45 views

CVE-2008-0014

CVE-2008-0014 affects Trend Micro ServerProtect 5.7 and 5.58. The issue is a heap-based overflow in an unspecified procedure, allowing remote attackers to execute arbitrary code via unknown vectors (likely related to product configuration). The description and connected records consistently state...

10CVSS8AI score0.06751EPSS
CVE
CVE
added 2007/05/09 12:0 a.m.43 views

CVE-2007-2533

Trend Micro ServerProtect 5.58 is affected by multiple buffer overflows exploitable via a crafted RPC message processed by (1) RPCFN_ActiveRollback in stcommon.dll, (2) ENG_SetRealTimeScanConfigInfo, or (3) ENG_SendEmail in eng50.dll. The vulnerabilities allow remote code execution with network a...

10CVSS7.7AI score0.05359EPSS
CVE
CVE
added 2008/11/17 11:0 p.m.42 views

CVE-2006-5268

The CVE-2006-5268 entry concerns Trend Micro ServerProtect (versions 5.7 and 5.58). The connected documents describe an unspecified vulnerability that enables remote attackers to execute arbitrary code via vectors related to obtaining administrative access to the RPC interface, i.e., unauthentica...

10CVSS7.6AI score0.07074EPSS
CVE
CVE
added 2008/11/17 11:0 p.m.42 views

CVE-2008-0013

Affected product: Trend Micro ServerProtect 5.7 and 5.58. Vulnerability: Heap-based buffer overflow in an unspecified procedure, enabling remote attackers to execute arbitrary code. Root cause / nature: Heap overflow; vectors are unknown (not specified in the provided documents, possibly related ...

10CVSS8AI score0.06751EPSS
CVE
CVE
added 2007/08/22 11:0 p.m.41 views

CVE-2007-4490

This CVE (CVE-2007-4490) affects Trend Micro ServerProtect 5.58 for Windows prior to Security Patch 4. The vulnerability involves multiple buffer overflows in EarthAgent.exe caused by certain RPC function calls (RPCFN_EVENTBACK_DoHotFix and CMD_CHANGE_AGENT_REGISTER_INFO). Exploitation could allo...

10CVSS7AI score0.02514EPSS