25 matches found
CVE-2007-1070
Trend Micro ServerProtect RPC overflow CVE-2007-1070 affects ServerProtect for Windows/EMC 5.58 and Network Appliance Filer 5.61/5.62. A boundary/stack-based overflow in the RPC handling of TmRpcSrv.dll (via CMON_NetTestConnection, CMON_ActiveUpdate, CMON_ActiveRollback in StCommon.dll and ENG_Se...
CVE-2006-0642
Technical details about CVE-2006-0642 are not publicly provided in the connected documents. No explicit affected products/versions/exploit info are present. Monitor for updated advisories to obtain concrete risk, impact, and remediation guidance.
CVE-2007-6507
CVE-2007-6507 affects Trend Micro ServerProtect on Windows (5.58) prior to Security Patch 4. The vulnerability exists in the SpntSvc.exe RPC service, which exposes dangerous sub-functions from StRpcSrv.dll via the DCE/RPC interface, allowing remote attackers to obtain full filesystem access and e...
CVE-2007-2528
Summary: CVE-2007-2528 concerns a buffer overflow in Trend Micro ServerProtect 5.58 for Windows prior to Security Patch 3 Build 1176, via RPC-related vectors in AgRpcCln.dll. Connected documents provide concrete details for related vulnerability CVE-2007-2508, including multiple stack-based overf...
CVE-2007-0851
CVE-2007-0851 describes a buffer overflow in Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, exploitable when processing UPX-packed executables (as used in CCC Cleaner). The CCC Cleaner component is affected when the UPX-packed file is scanned, enabling arbitrary code ...
CVE-2007-0072
Trend Micro ServerProtect 5.7 and 5.58 are affected by a heap-based buffer overflow in an unspecified RPC-related procedure that may allow remote code execution. The vulnerability affects the RPC handling path and could enable arbitrary commands to run with the ServerProtect account or an adminis...
CVE-2007-2508
CVE-2007-2508 describes two remote, stack-based buffer overflow flaws in Trend Micro ServerProtect 5.58 that can be triggered via RPC on TCP ports 5168 (AgRpcClient::CreateBinding in SpntSvc.exe) and 3628 (EarthAgent.exe, reachable via TmRpcSrv.dll). Exploitation could allow arbitrary code execut...
CVE-2005-1929
Trend Micro ServerProtect Management Console (versions 5.58 and earlier, used in Control Manager 2.5/3.0 and Damage Cleanup Server 1.1) is affected by heap-based buffer overflows in two ISAPI DLLs, isaNVWRequest.dll and relay.dll, triggered by processing large chunked POST requests with wrapped l...
CVE-2007-1168
The CVE-2007-1168 issue affects Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 prior to 20070216. Multiple connected documents confirm a cookie-based authentication bypass on the web interface (port 14942/tcp) via the splx_2376_info cookie, allowing remote attackers to access arbit...
CVE-2007-4219
Trend Micro ServerProtect for Windows contains an integer overflow in RPCFN_SYNC_TASK (StRpcSrv.dll) used by the SpntSvc.exe service, exploitable by remote attackers via malformed requests to 5168/tcp. The flaw can trigger a heap-based buffer overflow and arbitrary code execution. Affected versio...
CVE-2008-0012
This CVE set concerns Trend Micro ServerProtect 5.7 and 5.58, with CVE-2008-0013 and CVE-2008-0014 described as heap-based buffer overflows in an unspecified procedure that allow remote code execution via unknown vectors, potentially related to product configuration. The connected documents provi...
CVE-2005-0533
CVE-2005-0533: Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI prior to 7.510, used across multiple Trend Micro products. An overly long ARJ header file name can overrun a buffer in the ARJ parsing path, enabling remote code execution when a crafted ARJ archive is scanned. Affec...
CVE-2007-0073
CVE-2007-0073 describes a heap-based buffer overflow in Trend Micro ServerProtect 5.7 and 5.58 . The vulnerability lies in an unspecified procedure, allowing remote attackers to execute arbitrary code, with potential vectors tied to a file read operation over RPC. The issue is characterized as a ...
CVE-2006-5269
CVE-2006-5269 describes a heap-based buffer overflow in an unspecified procedure of Trend Micro ServerProtect 5.7 and 5.58. The flaw is remote-accessible, likely related to an RPC interface, and can allow an attacker to execute arbitrary code. Affected products: Trend Micro ServerProtect 5.7 and ...
CVE-2007-1169
CVE-2007-1169 affects Trend Micro ServerProtect for Linux (SPLX) versions 1.25, 1.3, and 2.5 prior to 20070216. The web interface accepts logon requests over unencrypted HTTP, which could allow remote attackers to obtain user credentials by sniffing network traffic. This is the only vulnerability...
CVE-2007-4731
The CVE-2007-4731 vulnerability affects Trend Micro ServerProtect, specifically the TMregChange function in TMreg.dll. A stack-based buffer overflow is caused by improper bounds checking when processing crafted data sent to port 5005/TCP, enabling remote code execution with SYSTEM privileges. It ...
CVE-2005-1930
CVE-2005-1930 affects Trend Micro ServerProtect Management Console 5.58 (used with Control Manager 2.5/3.0 and Damage Cleanup Server 1.1). The issue is an input validation flaw in rptserver.asp handling the IMAGE parameter, enabling directory traversal and remote viewing of arbitrary files on the...
CVE-2006-6458
The CVE-2006-6458 entry affects the Trend Micro scan engine before 8.320 on Windows and before 8.150 on HP-UX/AIX, used in Trend Micro PC Cillin Internet Security 2006, Office Scan 7.3, and Server Protect 5.58. Root cause: processing a malformed RAR archive where the Archive Header head_size and ...
CVE-2007-4218
Trend Micro ServerProtect for Windows is affected by a buffer overflow in the SpntSvc RPC interface (port 5168) triggered via RPCFN_CMON_SetSvcImpersonateUser in Stcommon.dll, allowing remote code execution. Public sources detail this vulnerability as CVE-2007-4218 and identify the vulnerable com...
CVE-2007-0074
Trend Micro ServerProtect versions 5.7 and 5.58 contain a heap-based buffer overflow in an unspecified procedure, allowing remote code execution via unknown vectors (possibly related to a folder read operation over RPC). Affected product is Trend Micro ServerProtect; root cause is a heap overflow...
CVE-2008-0014
CVE-2008-0014 affects Trend Micro ServerProtect 5.7 and 5.58. The issue is a heap-based overflow in an unspecified procedure, allowing remote attackers to execute arbitrary code via unknown vectors (likely related to product configuration). The description and connected records consistently state...
CVE-2007-2533
Trend Micro ServerProtect 5.58 is affected by multiple buffer overflows exploitable via a crafted RPC message processed by (1) RPCFN_ActiveRollback in stcommon.dll, (2) ENG_SetRealTimeScanConfigInfo, or (3) ENG_SendEmail in eng50.dll. The vulnerabilities allow remote code execution with network a...
CVE-2006-5268
The CVE-2006-5268 entry concerns Trend Micro ServerProtect (versions 5.7 and 5.58). The connected documents describe an unspecified vulnerability that enables remote attackers to execute arbitrary code via vectors related to obtaining administrative access to the RPC interface, i.e., unauthentica...
CVE-2008-0013
Affected product: Trend Micro ServerProtect 5.7 and 5.58. Vulnerability: Heap-based buffer overflow in an unspecified procedure, enabling remote attackers to execute arbitrary code. Root cause / nature: Heap overflow; vectors are unknown (not specified in the provided documents, possibly related ...
CVE-2007-4490
This CVE (CVE-2007-4490) affects Trend Micro ServerProtect 5.58 for Windows prior to Security Patch 4. The vulnerability involves multiple buffer overflows in EarthAgent.exe caused by certain RPC function calls (RPCFN_EVENTBACK_DoHotFix and CMD_CHANGE_AGENT_REGISTER_INFO). Exploitation could allo...