CVE-2007-1070

2007-02-2111:28:00

mitre

web.nvd.nist.gov

cve

2007

1070

stack based buffer overflows

trend micro

serverprotect

windows

emc

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.954

Percentile

99.4%

JSON

Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback functions in (a) StCommon.dll, and (4) ENG_SetRealTimeScanConfigInfo and (5) ENG_SendEMail functions in (b) eng50.dll.

Affected configurations

Nvd

Node

microsoftwindows_2000

microsoftwindows_2003_serverMatchr2

microsoftwindows_2003_serverMatchsp2

microsoftwindows_nt

microsoftwindows_vista32_bit

microsoftwindows_xpgold

AND

trend_microserverprotectMatch5.58emc

Node

trend_microserverprotectMatch5.58emc

trend_microserverprotectMatch5.61network_appliance_filer

trend_microserverprotectMatch5.62network_appliance_filer

VendorProductVersionCPE
microsoftwindows_2000*cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
microsoftwindows_2003_serverr2cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
microsoftwindows_2003_serversp2cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*
microsoftwindows_nt*cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:*
microsoftwindows_vista*cpe:2.3:o:microsoft:windows_vista:*:*:32_bit:*:*:*:*:*
microsoftwindows_xp*cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*
trend_microserverprotect5.58cpe:2.3:a:trend_micro:serverprotect:5.58:*:emc:*:*:*:*:*
trend_microserverprotect5.61cpe:2.3:a:trend_micro:serverprotect:5.61:*:network_appliance_filer:*:*:*:*:*
trend_microserverprotect5.62cpe:2.3:a:trend_micro:serverprotect:5.62:*:network_appliance_filer:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	windows_2000	*	cpe:2.3:o:microsoft:windows_2000::::::::
microsoft	windows_2003_server	r2	cpe:2.3:o:microsoft:windows_2003_server:r2:::::::*
microsoft	windows_2003_server	sp2	cpe:2.3:o:microsoft:windows_2003_server:sp2:::::::*
microsoft	windows_nt	*	cpe:2.3:o:microsoft:windows_nt::::::::
microsoft	windows_vista	*	cpe:2.3:o:microsoft:windows_vista:::32_bit:::::*
microsoft	windows_xp	*	cpe:2.3:o:microsoft:windows_xp::gold::::::*
trend_micro	serverprotect	5.58	cpe:2.3:a:trend_micro:serverprotect:5.58::emc:::::
trend_micro	serverprotect	5.61	cpe:2.3:a:trend_micro:serverprotect:5.61::network_appliance_filer:::::
trend_micro	serverprotect	5.62	cpe:2.3:a:trend_micro:serverprotect:5.62::network_appliance_filer:::::