CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
98.0%
Added: 01/24/2006
CVE: CVE-2005-1929
BID: 15865
OSVDB: 21771
ServerProtect is a virus scanner for servers.
A buffer overflow in ServerProtect Management Console could allow a remote attacker to execute commands using a chunked POST request to isaNVWRequest.dll.
Use the workaround described in the iDEFENSE advisory.
<http://www.idefense.com/intelligence/vulnerabilities/display.php?id=353>
Works on Trend Micro Control Manager 3.0. Since this is a heap overflow, the success of the exploit depends on the system state.
Windows 2000