Lucene search
RootSSV:2201HistorySep 11, 2007 - 12:00 a.m.
Trend Micro ServerProtect TMregChange()函数栈缓冲区溢出漏洞
2007-09-1100:00:00
Root
www.seebug.org
16
0.945 High
EPSS
Percentile
99.2%
CVE(CAN) ID: CVE-2007-4731
Trend ServerProtect是一款企业级反病毒程序。
ServerProtect在处理超长畸形数据时存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制服务器。
ServerProtect的TMReg.dll库所导出的TMregChange()例程中存在栈溢出漏洞,绑定到5005端口的TCP套接字未经边界检查便将用户提供的数据拷贝到了栈缓冲区,如果用户提交了超长请求就可以触发这个溢出,导致执行任意指令。
Trend Micro ServerProtect 5.58
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
<a href=“http://www.antivirus.com/” target=“_blank”>http://www.antivirus.com/</a>
Related
saint
saint
Trend Micro ServerProtect TMregChange buffer overflow
2007-09-27 00:00:00
Trend Micro ServerProtect TMregChange buffer overflow
2007-09-27 00:00:00
Trend Micro ServerProtect TMregChange buffer overflow
2007-09-27 00:00:00
nvd
nvd
CVE-2007-4731
2007-09-12 01:17:00
securityvulns
securityvulns
ZDI-07-051: Trend Micro ServerProtect TMregChange() Stack Overflow Vulnerability
2007-09-11 00:00:00
Trend Micro antiviral products multiple security vulnerabilities
2007-09-11 00:00:00
prion
prion
Stack overflow
2007-09-12 01:17:00
cvelist
cvelist
CVE-2007-4731
2007-09-12 01:00:00
cve
cve
CVE-2007-4731
2007-09-12 01:17:00
zdi
zdi
Trend Micro ServerProtect TMregChange() Stack Overflow Vulnerability
2007-09-07 00:00:00
checkpoint_advisories
checkpoint_advisories
Trend Micro ServerProtect TMregChange Stack Overflow (CVE-2007-4731)
2009-10-15 00:00:00
nessus
nessus
Trend Micro ServerProtect Multiple Remote Overflows
2007-08-22 00:00:00