CyberSec.Space Logo
Back to CVE Browser

CVE-2007-1070

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1570%
EPSS Percentile26.72th
PublishedFeb 21, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback functions in (a) StCommon.dll, and (4) ENG_SetRealTimeScanConfigInfo and (5) ENG_SendEMail functions in (b) eng50.dll.

Affected Platforms (CPE)

πŸ“¦
Trend Micro

Serverprotect

= 5.58
πŸ“¦
Trend Micro

Serverprotect

= 5.61
πŸ“¦
Trend Micro

Serverprotect

= 5.62

References & Advisories

πŸ”— http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290
πŸ”— http://osvdb.org/33042
πŸ”— http://secunia.com/advisories/24243
πŸ”— http://www.kb.cert.org/vuls/id/349393
πŸ”— http://www.kb.cert.org/vuls/id/466609
πŸ”— http://www.kb.cert.org/vuls/id/630025
πŸ”— http://www.kb.cert.org/vuls/id/730433
πŸ”— http://www.securityfocus.com/archive/1/460686/100/0/threaded

Related Vulnerabilities

CVE-2006-526910.0

Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execut...

CVE-2007-250810.0

Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers ...

CVE-2006-526810.0

Unspecified vulnerability in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via vectors ...

CVE-2007-252810.0

Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for Windows before Security Patch 3 Build 1176 allows remote at...