Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2007-4218
HistoryAug 22, 2007 - 11:17 p.m.

CVE-2007-4218

2007-08-2223:17:00
CWE-119
CWE-20
CWE-189
mitre
web.nvd.nist.gov
24
cve-2007-4218
trend micro
serverprotect
buffer overflow
remote code execution
rpc
tcp ports
security patch

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.968

Percentile

99.7%

JSON

Multiple buffer overflows in the ServerProtect service (SpntSvc.exe) in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allow remote attackers to execute arbitrary code via certain RPC requests to certain TCP ports that are processed by the (1) RPCFN_ENG_NewManualScan, (2) RPCFN_ENG_TimedNewManualScan, and (3) RPCFN_SetComputerName functions in (a) StRpcSrv.dll; the (4) RPCFN_CMON_SetSvcImpersonateUser and (5) RPCFN_OldCMON_SetSvcImpersonateUser functions in (b) Stcommon.dll; the (6) RPCFN_ENG_TakeActionOnAFile and (7) RPCFN_ENG_AddTaskExportLogItem functions in © Eng50.dll; the (8) NTF_SetPagerNotifyConfig function in (d) Notification.dll; or the (9) RPCFN_CopyAUSrc function in the (e) ServerProtect Agent service.

Affected configurations

Nvd
Node
trend_microserverprotectMatch5.58build_1176_for_windows
VendorProductVersionCPE
trend_microserverprotect5.58cpe:2.3:a:trend_micro:serverprotect:5.58:build_1176_for_windows:*:*:*:*:*:*

Related

zdi 1
cert 2
saint 12
checkpoint_advisories 2
securityvulns 3
prion 1
cvelist 1
nvd 1
nessus 1
zdi
zdi
Trend Micro ServerProtect RPCFN_SetComputerName() Stack Overflow Vulnerability
2007-09-07 00:00:00
cert
cert
Trend Micro ServerProtect RPC buffer overflows
2007-08-23 00:00:00
Trend Micro ServerProtect Agent service RPC stack-buffer overflow
2007-08-23 00:00:00
saint
saint
Trend Micro ServerProtect RPCFN_CMON_SetSvcImpersonateUser buffer overflow
2007-12-28 00:00:00
Trend Micro ServerProtect RPC NTF_SetPagerNotifyConfig buffer overflow
2007-08-23 00:00:00
Trend Micro ServerProtect RPC NTF_SetPagerNotifyConfig buffer overflow
2007-08-23 00:00:00
checkpoint_advisories
checkpoint_advisories
Update Protection against Multiple Trend Micro ServerProtect Buffer Overflow Vulnerabilities
2007-09-18 00:00:00
Trend Micro ServerProtect RPC Multiple Buffer Overflows (CVE-2007-1070; CVE-2007-2508; CVE-2007-4218)
2007-03-14 00:00:00
securityvulns
securityvulns
ZDI-07-050: Trend Micro ServerProtect RPCFN_SetComputerName() Stack Overflow Vulnerability
2007-09-11 00:00:00
iDefense Security Advisory 08.21.07: Trend Micro ServerProtect Multiple Buffer Overflow Vulnerabilities
2007-08-22 00:00:00
Trend Micro antiviral products multiple security vulnerabilities
2007-09-11 00:00:00
prion
prion
Buffer overflow
2007-08-22 23:17:00
cvelist
cvelist
CVE-2007-4218
2007-08-22 23:00:00
nvd
nvd
CVE-2007-4218
2007-08-22 23:17:00
nessus
nessus
Trend Micro ServerProtect Multiple Remote Overflows
2007-08-22 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.968

Percentile

99.7%

JSON
Related for CVE-2007-4218
zdi1cert2saint12checkpoint_advisories2securityvulns3prion1cvelist1nvd1nessus1