Vulnerabilites related to trend_micro - serverprotect
Vulnerability from fkie_nvd
Published
2007-03-02 21:18
Modified
2024-11-21 00:27
Severity ?
Summary
Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 allows remote attackers to access arbitrary web pages and reconfigure the product via HTTP requests with the splx_2376_info cookie to the web interface port (14942/tcp).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | serverprotect | 1.3 | |
| trend_micro | serverprotect | 1.25_2007-02-16 | |
| trend_micro | serverprotect | 2.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:1.3:*:linux:*:*:*:*:*",
"matchCriteriaId": "FB28FE16-F163-4287-9A4E-843C2E67792E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:1.25_2007-02-16:*:linux:*:*:*:*:*",
"matchCriteriaId": "6E8704FA-AA3C-4664-A5AA-50F60AE77642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:2.5:*:linux:*:*:*:*:*",
"matchCriteriaId": "BEDB64E2-6157-47C1-842E-26A40A885ECD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 allows remote attackers to access arbitrary web pages and reconfigure the product via HTTP requests with the splx_2376_info cookie to the web interface port (14942/tcp)."
},
{
"lang": "es",
"value": "Trend Micro ServerProtect para Linux (SPLX) 1.25, 1.3, y 2.5 anterior a 20070216 permite a atacantes remotos acceder a p\u00e1ginas web de su elecci\u00f3n y recofigurar el producto a trav\u00e9s de respuesta HTTP con la cookie splx_2376_info en el puerto de interfaz web (14942/tcp)."
}
],
"id": "CVE-2007-1168",
"lastModified": "2024-11-21T00:27:40.997",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-02T21:18:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=477"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24264"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017685"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/22662"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.trendmicro.com/download/product.asp?productid=20"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0691"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24264"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017685"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/22662"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.trendmicro.com/download/product.asp?productid=20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0691"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-05-08 23:19
Modified
2024-11-21 00:30
Severity ?
Summary
Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to (1) TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in SpntSvc.exe; or (2) TCP port 3628, which triggers an overflow in EarthAgent.exe. NOTE: both issues are reachable via TmRpcSrv.dll.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | serverprotect | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49B34BBC-D48A-48F7-B30E-0FDAB21E2631",
"versionEndIncluding": "5.58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to (1) TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in SpntSvc.exe; or (2) TCP port 3628, which triggers an overflow in EarthAgent.exe. NOTE: both issues are reachable via TmRpcSrv.dll."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en la regi\u00f3n?? stack de la memoria en Trend Micro ServerProtect versi\u00f3n 5.58 anterior al parche de seguridad 2 Build 1174, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de datos creados para (1) el puerto TCP 5168, que desencadena un desbordamiento en la funci\u00f3n CAgRpcClient::CreateBinding en AgRpcCln. en la biblioteca DLL en el archivo SpntSvc.exe; o (2) el puerto TCP 3628, que activa un desbordamiento en el archivo EarthAgent.exe. NOTA: ambos problemas son accesibles por medio de la biblioteca TmRpcSrv.dll."
}
],
"id": "CVE-2007-2508",
"lastModified": "2024-11-21T00:30:57.610",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-05-08T23:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35789"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35790"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25186"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1018010"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/488424"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/515616"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/467932/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/467933/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/23866"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23868"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch2_readme.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1689"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-024.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-025.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34162"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35789"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25186"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1018010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/488424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/515616"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/467932/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/467933/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/23866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23868"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch2_readme.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1689"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34163"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-02-10 11:02
Modified
2024-11-21 00:06
Severity ?
Summary
Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a default configuration setting of "Do not scan compressed files when Extracted file count exceeds 500 files," which may be too low in certain circumstances, which allows remote attackers to bypass anti-virus checks by sending compressed archives containing many small files. NOTE: since this is related to a configuration setting that has an operational impact that might vary depending on the environment, and the product is claimed to report a message when the compressed file exceeds specified limits, perhaps this should not be included in CVE.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | interscan_messaging_security_suite | * | |
| trend_micro | interscan_web_security_suite | * | |
| trend_micro | serverprotect | 5.58 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42ECD45D-EB0D-4B7B-A2F6-529EA9BD3746",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "459E1A3E-1EF9-4544-B2F9-28654A2D565E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:emc:*:*:*:*:*",
"matchCriteriaId": "1364240C-2070-4CEA-BAE9-E94EAFFBBF1D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a default configuration setting of \"Do not scan compressed files when Extracted file count exceeds 500 files,\" which may be too low in certain circumstances, which allows remote attackers to bypass anti-virus checks by sending compressed archives containing many small files. NOTE: since this is related to a configuration setting that has an operational impact that might vary depending on the environment, and the product is claimed to report a message when the compressed file exceeds specified limits, perhaps this should not be included in CVE."
}
],
"id": "CVE-2006-0642",
"lastModified": "2024-11-21T00:06:59.210",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-02-10T11:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.packetstormsecurity.org/0602-advisories/Bypass.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.packetstormsecurity.org/filedesc/Bypass.pdf.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/423896/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/423913/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/423914/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/424172/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/424598/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/16483"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24658"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.packetstormsecurity.org/0602-advisories/Bypass.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.packetstormsecurity.org/filedesc/Bypass.pdf.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/423896/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/423913/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/423914/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/424172/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/424598/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16483"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24658"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-11-17 23:30
Modified
2024-11-21 00:24
Severity ?
Summary
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a folder read operation over RPC.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | serverprotect | 5.7 | |
| trend_micro | serverprotect | 5.58 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "77A07A3A-25BF-4EBE-9B5C-46FBD0D2A3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "BE7E0AA8-220E-4E20-9FF0-95C22664AFA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a folder read operation over RPC."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en un procedimiento no especificado en Trend Micro ServerProtect 5.7 y 5.58 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante vectores desconocidos, posiblemente relacionados con una operaci\u00f3n de lectura de carpeta sobre RPC."
}
],
"id": "CVE-2007-0074",
"lastModified": "2024-11-21T00:24:54.657",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-11-17T23:30:00.360",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32618"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/threats/309.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39051"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/threats/309.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39051"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-11-17 23:30
Modified
2024-11-21 00:24
Severity ?
Summary
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a read operation over RPC.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | serverprotect | 5.7 | |
| trend_micro | serverprotect | 5.58 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "77A07A3A-25BF-4EBE-9B5C-46FBD0D2A3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "BE7E0AA8-220E-4E20-9FF0-95C22664AFA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a read operation over RPC."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en un procedimiento no especificado en Trend Micro ServerProtect 5.7 y 5.58 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante vectores desconocidos, posiblemente relacionados con una operaci\u00f3n de lectura sobre RPC."
}
],
"id": "CVE-2007-0072",
"lastModified": "2024-11-21T00:24:54.377",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-11-17T23:30:00.313",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32618"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/threats/309.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38760"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/threats/309.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38760"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-02-21 11:28
Modified
2024-11-21 00:27
Severity ?
Summary
Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback functions in (a) StCommon.dll, and (4) ENG_SetRealTimeScanConfigInfo and (5) ENG_SendEMail functions in (b) eng50.dll.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | windows_2000 | * | |
| microsoft | windows_2003_server | r2 | |
| microsoft | windows_2003_server | sp2 | |
| microsoft | windows_nt | * | |
| microsoft | windows_vista | * | |
| microsoft | windows_xp | * | |
| trend_micro | serverprotect | 5.58 | |
| trend_micro | serverprotect | 5.58 | |
| trend_micro | serverprotect | 5.61 | |
| trend_micro | serverprotect | 5.62 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "4E7FD818-322D-4089-A644-360C33943D29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*",
"matchCriteriaId": "377F7D0C-6B44-4B90-BF90-DAF959880C6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED27882B-A02A-4D5F-9117-A47976C676E0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:32_bit:*:*:*:*:*",
"matchCriteriaId": "CC3161FD-F631-405A-BE3A-0B78D5DCD7B2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*",
"matchCriteriaId": "580B0C9B-DD85-40FA-9D37-BAC0C96D57FC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:emc:*:*:*:*:*",
"matchCriteriaId": "1364240C-2070-4CEA-BAE9-E94EAFFBBF1D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:emc:*:*:*:*:*",
"matchCriteriaId": "1364240C-2070-4CEA-BAE9-E94EAFFBBF1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.61:*:network_appliance_filer:*:*:*:*:*",
"matchCriteriaId": "D8226C36-C336-4E78-88CB-8DC4562A3444",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.62:*:network_appliance_filer:*:*:*:*:*",
"matchCriteriaId": "7B6C8B25-06D1-4831-B40F-E9F03C9C2A63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback functions in (a) StCommon.dll, and (4) ENG_SetRealTimeScanConfigInfo and (5) ENG_SendEMail functions in (b) eng50.dll."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer basado en pila en Trend Micro ServerProtect para Windows y EMC 5.58, y para Network Appliance Filer 5.61 y 5.62, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s respuestas RPC manipuladas en TmRpcSrv.dll que disparan un desbordamiento de b\u00fafer cuando se llama a las funciones (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, y (3) CMON_ActiveRollbackn en (a) StCommon.dll, y (4) ENG_SetRealTimeScanConfigInfo y (5) las funciones ENG_SendEMail en (b) eng50.dll."
}
],
"id": "CVE-2007-1070",
"lastModified": "2024-11-21T00:27:26.173",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-02-21T11:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/33042"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24243"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/349393"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/466609"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/630025"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/730433"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/460686/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/460690/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/22639"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017676"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tippingpoint.com/security/advisories/TSRT-07-01.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tippingpoint.com/security/advisories/TSRT-07-02.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch1_readme.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0670"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32594"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32601"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/33042"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24243"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/349393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/466609"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/630025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/730433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/460686/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/460690/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/22639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017676"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tippingpoint.com/security/advisories/TSRT-07-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tippingpoint.com/security/advisories/TSRT-07-02.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch1_readme.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0670"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32594"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32601"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-03-02 21:18
Modified
2024-11-21 00:27
Severity ?
Summary
The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 accepts logon requests through unencrypted HTTP, which might allow remote attackers to obtain credentials by sniffing the network.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | serverprotect | 1.25_2007-02-16 | |
| trend_micro | serverprotect | 1.25_2007-02-16 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:1.25_2007-02-16:*:linux:*:*:*:*:*",
"matchCriteriaId": "6E8704FA-AA3C-4664-A5AA-50F60AE77642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:1.25_2007-02-16:1.3:*:*:*:*:*:*",
"matchCriteriaId": "DB3418C3-1AE8-4011-9B6C-6A3D6F891AED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 accepts logon requests through unencrypted HTTP, which might allow remote attackers to obtain credentials by sniffing the network."
},
{
"lang": "es",
"value": "La interfaz web en Trend Micro ServerProtect para Linux (SPLX) 1.25, 1.3, y 2.5 versiones anteriores a 20070216 acepta peticiones de acceso (logon) a trav\u00e9s de HTTP sin cifrar, lo cual permitir\u00eda a atacantes remotos obtener credenciales al rastrear la red."
}
],
"id": "CVE-2007-1169",
"lastModified": "2024-11-21T00:27:41.147",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-02T21:18:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.trendmicro.com/download/product.asp?productid=20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.trendmicro.com/download/product.asp?productid=20"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-14 21:03
Modified
2024-11-20 23:58
Severity ?
Summary
Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via "wrapped" length values in Chunked transfer requests. NOTE: the original report suggests that the relay.dll issue is related to a problem in which a Microsoft Foundation Classes (MFC) static library returns invalid values under heavy load. As such, this might not be a vulnerability in Trend Micro's product.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | serverprotect | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:*:*:emc:*:*:*:*:*",
"matchCriteriaId": "37239A26-21E5-4A7D-BB3B-219954F72751",
"versionEndIncluding": "5.58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via \"wrapped\" length values in Chunked transfer requests. NOTE: the original report suggests that the relay.dll issue is related to a problem in which a Microsoft Foundation Classes (MFC) static library returns invalid values under heavy load. As such, this might not be a vulnerability in Trend Micro\u0027s product."
}
],
"id": "CVE-2005-1929",
"lastModified": "2024-11-20T23:58:26.220",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-14T21:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039972.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039978.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18038"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/256"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/257"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015358"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=353\u0026type=vulnerabilities"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/21771"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/21772"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/15865"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/15866"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2005/2907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039972.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039978.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18038"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=353\u0026type=vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/21771"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/21772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15865"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2005/2907"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-08-22 23:17
Modified
2024-11-21 00:35
Severity ?
Summary
Multiple buffer overflows in the ServerProtect service (SpntSvc.exe) in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allow remote attackers to execute arbitrary code via certain RPC requests to certain TCP ports that are processed by the (1) RPCFN_ENG_NewManualScan, (2) RPCFN_ENG_TimedNewManualScan, and (3) RPCFN_SetComputerName functions in (a) StRpcSrv.dll; the (4) RPCFN_CMON_SetSvcImpersonateUser and (5) RPCFN_OldCMON_SetSvcImpersonateUser functions in (b) Stcommon.dll; the (6) RPCFN_ENG_TakeActionOnAFile and (7) RPCFN_ENG_AddTaskExportLogItem functions in (c) Eng50.dll; the (8) NTF_SetPagerNotifyConfig function in (d) Notification.dll; or the (9) RPCFN_CopyAUSrc function in the (e) ServerProtect Agent service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | serverprotect | 5.58 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:build_1176_for_windows:*:*:*:*:*:*",
"matchCriteriaId": "E260C8CE-53F3-4960-A799-536B94840793",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the ServerProtect service (SpntSvc.exe) in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allow remote attackers to execute arbitrary code via certain RPC requests to certain TCP ports that are processed by the (1) RPCFN_ENG_NewManualScan, (2) RPCFN_ENG_TimedNewManualScan, and (3) RPCFN_SetComputerName functions in (a) StRpcSrv.dll; the (4) RPCFN_CMON_SetSvcImpersonateUser and (5) RPCFN_OldCMON_SetSvcImpersonateUser functions in (b) Stcommon.dll; the (6) RPCFN_ENG_TakeActionOnAFile and (7) RPCFN_ENG_AddTaskExportLogItem functions in (c) Eng50.dll; the (8) NTF_SetPagerNotifyConfig function in (d) Notification.dll; or the (9) RPCFN_CopyAUSrc function in the (e) ServerProtect Agent service."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en el servicio ServerProtect (archivo SpntSvc.exe) en Trend Micro ServerProtect para Windows versiones anteriores a 5.58 Parche de Seguridad 4, permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de ciertas peticiones RPC en ciertos puertos TCP que son procesados por las funciones (1) RPCFN_ENG_NewManualScan, (2) RPCFN_ENG_TimedNewManualScan y (3) RPCFN_SetComputerName funciona en (a) la biblioteca StRpcSrv.dll; las funciones (4) RPCFN_CMON_SetSvcImpersonateUser y (5) RPCFN_OldCMON_SetSvcImpersonateUser en (b) la biblioteca Stcommon.dll; las funciones (6) RPCFN_ENG_TakeActionOnAFile y (7) RPCFN_ENG_AddTaskExportLogItem en (c) la biblioteca Eng50.dll; la (8) funci\u00f3n NTF_SetPagerNotifyConfig en (d) la biblioteca Notification.dll; o la (9) funci\u00f3n RPCFN_CopyAUSrc en el (e) servicio ServerProtect Agent."
}
],
"id": "CVE-2007-4218",
"lastModified": "2024-11-21T00:35:04.020",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-08-22T23:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=587"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26523"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3052"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1018594"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/109056"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/204448"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/478866/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25395"
},
{
"source": "cve@mitre.org",
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-235A.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/2934"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-050.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36172"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36174"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36175"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36176"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=587"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26523"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1018594"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/109056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/204448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/478866/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-235A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/2934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-050.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36174"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36176"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36178"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-11-17 23:30
Modified
2024-11-21 00:40
Severity ?
Summary
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0012 and CVE-2008-0014.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | serverprotect | 5.7 | |
| trend_micro | serverprotect | 5.58 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "77A07A3A-25BF-4EBE-9B5C-46FBD0D2A3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "BE7E0AA8-220E-4E20-9FF0-95C22664AFA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product\u0027s configuration, a different vulnerability than CVE-2008-0012 and CVE-2008-0014."
},
{
"lang": "es",
"value": "Desbordamiento del b\u00fafer basado en mont\u00edculo en un procedimiento no especificado en Trend Micro ServerProtect v5.7 y v5.58 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores desconocidos, posiblemente relacionados con la configuraci\u00f3n de productos, una vulnerabilidad diferente de CVE-2008-0012 y CVE-2008-0014."
}
],
"id": "CVE-2008-0013",
"lastModified": "2024-11-21T00:40:58.503",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-11-17T23:30:00.407",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32618"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/threats/310.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/threats/310.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39919"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-05-08 23:19
Modified
2024-11-21 00:31
Severity ?
Summary
Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for Windows before Security Patch 3 Build 1176 allows remote attackers to execute arbitrary code via unknown vectors related to RPC requests. NOTE: this is probably a different vulnerability than CVE-2007-2508.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | serverprotect | 5.58 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:windows:*:*:*:*:*",
"matchCriteriaId": "5E2F6774-B29F-47E6-8E50-8CF4D9AB3EEB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for Windows before Security Patch 3 Build 1176 allows remote attackers to execute arbitrary code via unknown vectors related to RPC requests. NOTE: this is probably a different vulnerability than CVE-2007-2508."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en AgRpcCln.dll para Trend Micro ServerProtect 5.58 para Windows anberior a Security Patch 3 Build 1176 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores desconocidos relacionados con peticiones RPC. NOTA: esta es probablemente una vulnerabilidad distinta de CVE-2007-2508."
}
],
"id": "CVE-2007-2528",
"lastModified": "2024-11-21T00:31:00.053",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-05-08T23:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35793"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch3_readme.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35793"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch3_readme.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-11-17 23:30
Modified
2024-11-21 00:18
Severity ?
Summary
Unspecified vulnerability in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via vectors related to obtaining "administrative access to the RPC interface."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | serverprotect | 5.7 | |
| trend_micro | serverprotect | 5.58 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "77A07A3A-25BF-4EBE-9B5C-46FBD0D2A3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "BE7E0AA8-220E-4E20-9FF0-95C22664AFA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via vectors related to obtaining \"administrative access to the RPC interface.\""
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Trend Micro ServerProtect 5.7 y 5.58 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores relacionados para obtener \"acceso administrativo a la interface RPC\"."
}
],
"id": "CVE-2006-5268",
"lastModified": "2024-11-21T00:18:32.887",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-11-17T23:30:00.233",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32618"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/threats/307.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/threats/307.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31112"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-09-12 01:17
Modified
2024-11-21 00:36
Severity ?
Summary
Stack-based buffer overflow in the TMregChange function in TMReg.dll in Trend Micro ServerProtect before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 5005.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | serverprotect | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:*:*:windows:*:*:*:*:*",
"matchCriteriaId": "E636E00E-072C-42A3-A87E-EAB13DA92FC6",
"versionEndIncluding": "5.58_security_patch_3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the TMregChange function in TMReg.dll in Trend Micro ServerProtect before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 5005."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en la funci\u00f3n TMregChange de TMReg.dll de Trend Micro SErverProtect anterir a 5.58 Security Patch 4 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un paquete manipulado al puerto TCP 5005."
}
],
"id": "CVE-2007-4731",
"lastModified": "2024-11-21T00:36:18.997",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-09-12T01:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/45878"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3128"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1018594"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/478867/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-051.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/45878"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3128"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1018594"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/478867/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-051.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36512"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-12-11 17:28
Modified
2024-11-21 00:22
Severity ?
Summary
The Trend Micro scan engine before 8.320 for Windows and before 8.150 on HP-UX and AIX, as used in Trend Micro PC Cillin - Internet Security 2006, Office Scan 7.3, and Server Protect 5.58, allows remote attackers to cause a denial of service (CPU consumption and system hang) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero, which triggers an infinite loop.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | officescan | 7.3 | |
| trend_micro | pc_cillin_-_internet_security_2006 | * | |
| trend_micro | serverprotect | 5.58 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:officescan:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "38BD1ADE-408F-45D0-BD0B-FBC83ED976F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc_cillin_-_internet_security_2006:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D237983-725B-43B5-B733-D25397A846C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:emc:*:*:*:*:*",
"matchCriteriaId": "1364240C-2070-4CEA-BAE9-E94EAFFBBF1D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Trend Micro scan engine before 8.320 for Windows and before 8.150 on HP-UX and AIX, as used in Trend Micro PC Cillin - Internet Security 2006, Office Scan 7.3, and Server Protect 5.58, allows remote attackers to cause a denial of service (CPU consumption and system hang) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero, which triggers an infinite loop."
},
{
"lang": "es",
"value": "El motor de escaneo de Trend Micro anterior a 8.320 para Windows y anterior a 8.150 en HP-UX y AIX, utilizado en Trend Micro PC Cillin - internet Security 2006, Office Scan 7.3, y Server Protect 5.58, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (agotamiento de CPU y cuelgue de aplicaci\u00f3n) mediante un archivo RAR mal formado con una secci\u00f3n Cabecera de Archivo con lo campos head_size (tama\u00f1o de cabecera) y pack_size (tama\u00f1o de paquete) puestos a cero, lo cual dispara un bucle infinito."
}
],
"id": "CVE-2006-6458",
"lastModified": "2024-11-21T00:22:44.153",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-11T17:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23321"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/21509"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23321"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/21509"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4918"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-11-17 23:30
Modified
2024-11-21 00:40
Severity ?
Summary
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0012 and CVE-2008-0013.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | serverprotect | 5.7 | |
| trend_micro | serverprotect | 5.58 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "77A07A3A-25BF-4EBE-9B5C-46FBD0D2A3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "BE7E0AA8-220E-4E20-9FF0-95C22664AFA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product\u0027s configuration, a different vulnerability than CVE-2008-0012 and CVE-2008-0013."
},
{
"lang": "es",
"value": "Un Desbordamiento de b\u00fafer en la memoria libre para la reserva din\u00e1mica (heap) en un procedimiento no especificado de Trend Micro ServerProtect 5.7 y 5.58 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos, posiblemente relacionados con la configuraci\u00f3n del producto, una vulnerabilidad diferente que CVE-2008-0012 y CVE-2008-0013."
}
],
"id": "CVE-2008-0014",
"lastModified": "2024-11-21T00:40:58.650",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-11-17T23:30:00.420",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32618"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/threats/310.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39920"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/threats/310.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39920"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-11-17 23:30
Modified
2024-11-21 00:24
Severity ?
Summary
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a file read operation over RPC.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | serverprotect | 5.7 | |
| trend_micro | serverprotect | 5.58 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "77A07A3A-25BF-4EBE-9B5C-46FBD0D2A3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "BE7E0AA8-220E-4E20-9FF0-95C22664AFA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a file read operation over RPC."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en memoria libre para la reserva din\u00e1mica (heap) en un procedimiento no especificado de Trend Micro ServerProtect 5.7 y 5.58 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos, posiblemente relacionados con una operaci\u00f3n de lectura de un fichero sobre RPC."
}
],
"id": "CVE-2007-0073",
"lastModified": "2024-11-21T00:24:54.517",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-11-17T23:30:00.343",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32618"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/threats/309.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/threats/309.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39050"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-02-08 18:28
Modified
2024-11-21 00:26
Severity ?
Summary
Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:client-server-messaging_suite_smb:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "8C9AAAD5-E973-41CB-B7FD-85D1EA04F6D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:client-server_suite_smb:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "664CD81D-30AD-450B-A9FF-7C0FC61C938A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "068639F9-89E0-4B19-9E24-550087080419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4801FB64-FFC4-4167-9855-69EB8A424EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:as_400:*:*:*:*:*",
"matchCriteriaId": "CEEC709C-CE2F-435D-8595-3B7462F5D58A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:s_390:*:*:*:*:*",
"matchCriteriaId": "416653F7-D8D5-4947-A097-8E1298DD0FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:solaris:*:*:*:*:*",
"matchCriteriaId": "0416D605-20FC-4C87-8009-C240530A1B13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "4FFD939A-C783-4A02-9859-B823A57F8A5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "723E2C95-124F-422F-A241-AECA1D5E0D0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:netware:*:*:*:*:*:*:*",
"matchCriteriaId": "2A63C770-365B-4EAF-AF4B-1B379F943DF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.5:*:hp:*:*:*:*:*",
"matchCriteriaId": "9D2CAA96-4C71-482B-A033-E4AD0814C638",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.5.2:*:windows:*:*:*:*:*",
"matchCriteriaId": "0DEAD496-BB59-464D-9BBA-29158CF65C35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.6:*:linux:*:*:*:*:*",
"matchCriteriaId": "8767F042-4333-404A-B7D7-6830B6959890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.6:*:sun:*:*:*:*:*",
"matchCriteriaId": "C02396DD-CFBF-4019-8AC7-9C41821AF8E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.51:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF73278-A5E9-4975-9C0B-DD9413A33FA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.51_j:*:*:*:*:*:*:*",
"matchCriteriaId": "A7F86817-D352-452E-B80F-1402C8A76372",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:*:*:linux_5.1.1:*:*:*:*:*",
"matchCriteriaId": "0D03DBA4-3F2D-433A-8D17-01B4D7E16EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:3.81:*:*:*:*:*:*:*",
"matchCriteriaId": "4086086F-4F57-4E73-B473-FFF33CD23F6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0F1E2358-2868-4D95-A783-0D7A591A691C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:5.5_build_1183:*:*:*:*:*:*:*",
"matchCriteriaId": "E4587F87-E033-4636-9B61-18D1A7AA54D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:linux:*:*:*:*:*",
"matchCriteriaId": "7E8ADD8C-2E58-4671-BECF-B02A5DE04A1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:solaris:*:*:*:*:*",
"matchCriteriaId": "4CD5D110-5FA3-4F6C-A727-06A73676EC9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "CD824873-B625-4755-ADC9-C6657CD63208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.0.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "E4B9603D-79FE-4E7C-A9F9-E9A24FBBDF3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.0.1:*:unix:*:*:*:*:*",
"matchCriteriaId": "475CED59-77F7-4E6B-8DB6-EFFC7F8D5929",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.1.0:*:linux:*:*:*:*:*",
"matchCriteriaId": "29DA2B3D-D055-4328-8AD3-B5B407B17328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D948171A-3B54-462A-8B2E-2C0266A37E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9D4E2E-889B-4233-8887-9CF00A5023A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F35126E8-F926-4C0B-B37F-AFE78DD2526F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:hp_ux:*:*:*:*:*",
"matchCriteriaId": "106EB780-7455-41F7-ADB0-67C541F6C53F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:solaris:*:*:*:*:*",
"matchCriteriaId": "A9EB55C4-00FB-4D2F-993D-27269F09CF08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "D9AE5039-8467-48C2-8417-E7B18A48F0D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6.0_build_1182:*:*:*:*:*:*:*",
"matchCriteriaId": "DA820000-7608-4E3B-A05D-0C3CFC35227C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6.0_build1166:*:*:*:*:*:*:*",
"matchCriteriaId": "20349641-1EAD-4401-996F-15C131574F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6.5:*:linux:*:*:*:*:*",
"matchCriteriaId": "82425C25-4464-4C69-A7C9-6B7369661E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA147F1-224C-4230-9831-5EB153748793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.7.0_build1190:*:*:*:*:*:*:*",
"matchCriteriaId": "E2417050-7F5A-4702-A6F5-DFEFE96CCD78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.8.0_build1130:*:*:*:*:*:*:*",
"matchCriteriaId": "5B9F63FB-7B5F-49AF-BC84-B3250A08720A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.32:*:*:*:*:*:*:*",
"matchCriteriaId": "2F72A6DE-BA1B-4907-B19D-D71B172BB249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.81:*:linux:*:*:*:*:*",
"matchCriteriaId": "37ECAEF4-8A0D-4B90-8E4A-62BA72DAA702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:5.1:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "25D7EFC1-4053-46E9-9081-3BBAB0300C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:aix:*:*:*:*:*",
"matchCriteriaId": "8B678239-DD77-488C-82FE-27D6FC47B94A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:linux_for_smb:*:*:*:*:*",
"matchCriteriaId": "071EDC78-C902-4D79-8CDF-F5DD30BF7027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:smb:*:*:*:*:*",
"matchCriteriaId": "55C6BD67-FE95-43A7-91F7-608DEC79C24A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "29EDFC0F-687B-4B56-8910-67C6E3907483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:windows_nt_for_smb:*:*:*:*:*",
"matchCriteriaId": "5A694256-BD24-4EED-9833-B15DCA874F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2F81C82F-4997-4D4E-981B-F1601A8AD281",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3120FB-140A-458B-8926-7FE3593331FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B9239FE6-7FE3-4013-8E73-DE648F24EFEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.51:*:*:*:*:*:*:*",
"matchCriteriaId": "12023885-3D72-4CE4-B60F-F91EEE0C9153",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.52:*:*:*:*:*:*:*",
"matchCriteriaId": "0B132F48-3C0D-4DC9-9255-BB2D1CEBF855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.52_build1466:*:*:*:*:*:*:*",
"matchCriteriaId": "772DC29B-9C2C-4446-9352-6707E6B6F08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3079D9E-853D-46D3-92E8-E125CC800DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_scan_engine:7.510.0-1002:*:*:*:*:*:*:*",
"matchCriteriaId": "D5ADC38A-3C58-42B3-9396-0D7B14EA0B59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:*:*:linux:*:*:*:*:*",
"matchCriteriaId": "1DC6D16A-3D1C-4AA6-B039-BFF5BEE64693",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:*:*:linux_1.0.0_ja:*:*:*:*:*",
"matchCriteriaId": "110A575E-761B-4DD7-B4BE-B9AD22C85213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:linux:*:*:*:*:*",
"matchCriteriaId": "1DCB7541-8145-47CA-9F4E-4A600CA454EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:solaris:*:*:*:*:*",
"matchCriteriaId": "DB8B2F17-7C2B-4782-9492-D967A2AD8B3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "D1E65854-8869-41F7-BAFE-B7545FC98BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webmanager:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B1C33920-9BC7-41BC-BB66-723D0BAF2839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webmanager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A73B43D9-A721-4D48-A2D6-48A77355965F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webmanager:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F3645D-2B7D-44ED-83DE-ABF9016CD0D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webprotect:gold:*:isa:*:*:*:*:*",
"matchCriteriaId": "921B617D-F37E-4D10-A627-09F9678790B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:3.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4013BF7E-DE8F-4941-BF15-D17C8C88DB78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:4.5.0:*:microsof_sbs:*:*:*:*:*",
"matchCriteriaId": "11302ED5-C1AB-40D0-B019-A85C43E362D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "38BD1ADE-408F-45D0-BD0B-FBC83ED976F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.0:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "093EED07-F4C1-47B2-9D08-3DE0D57D5CA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.1.1:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "CBA9F2BA-1274-465C-B723-ABB54CA17FE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BE60F5D9-35D0-4D0E-85D1-EE71E533622F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.5:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "6F37307A-7847-4D5A-99D8-8A4BE424CD21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BF74A292-2B1B-43FC-AA82-CFB04D7644E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.11:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "925DA405-9719-452C-8369-D4A60CC916C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "46575AE8-8718-44D8-AF5C-14F7981B3238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.13:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "F893D171-7AB3-4422-BA86-021B0211EE36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.54:*:*:*:*:*:*:*",
"matchCriteriaId": "A79FBAAA-D6B8-4A05-B8E1-D7549207EA5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D6CE3BB4-54BA-48DE-9CFC-C2241D99DA67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F25D89-826B-4FA0-AA8F-CD729F00F9BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE87037-D7CC-480B-BBD2-F1802294D4F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB43A95-60F8-425A-8434-C07EC799DC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "567D7B70-7FE7-4C4F-8D09-C72E28F04FF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "78CDE85D-4C4B-42D0-BF64-11E880168A83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBAA86F-8DE4-4BC8-B295-89CF981C28D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2000:*:*:*:*:*:*:*",
"matchCriteriaId": "9994E64C-0E8C-4A9C-A321-6A73A16E33AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2002:*:*:*:*:*:*:*",
"matchCriteriaId": "A65282E0-2332-4CAA-9BA9-3794C2CDE960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "E56D571B-649D-41E2-A502-6C1EBAB73F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "E455A061-A34B-4AB7-88C7-222DB08BED08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "6EB1055E-31AA-44DE-A74C-8678A0C268C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin_internet_security:14_14.00.1485:*:*:*:*:*:*:*",
"matchCriteriaId": "408D7C07-D6CF-4722-AB74-70DE7C114FC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin_internet_security:2005_12.0.0_0_build_1244:*:*:*:*:*:*:*",
"matchCriteriaId": "26DA917A-B842-40E7-B3A1-8546ADBB401C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin_internet_security:2006_14.10.0.1023:*:*:*:*:*:*:*",
"matchCriteriaId": "83C3D9AE-690A-4ACE-B6A2-E83F1B7C5507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "F945B425-D79F-4B5F-A588-5DCDCFB87B06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc_cillin_-_internet_security_2006:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D237983-725B-43B5-B733-D25397A846C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:portalprotect:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C991F564-93D1-4E63-8B71-B0C9CD9BECA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:portalprotect:1.2:*:sharepoint:*:*:*:*:*",
"matchCriteriaId": "1F34805C-1602-45F7-8C03-D585D2F44594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "71DAD29C-23D7-45C0-8B1B-AD9CD260EAE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:2.6:*:domino:*:*:*:*:*",
"matchCriteriaId": "195D657C-4A4B-4832-B1A6-056FB990401E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:2.51:*:domino:*:*:*:*:*",
"matchCriteriaId": "929BCF43-AC3A-43D0-8819-7673996D216D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:3.8:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "3BFF861D-F544-4902-A958-BE566FB85738",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:3.81:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "3B282BE2-8116-48A7-B6D6-544983FF72C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:6.1:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "C81AFD13-0883-48F5-BD6B-707CFFE07262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_aix:*:*:*:*:*",
"matchCriteriaId": "B4963C96-FA13-4E54-8EE3-8E169CACBF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_as_400:*:*:*:*:*",
"matchCriteriaId": "C3E0300A-27F7-47C1-B725-55FF0BE92FF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_s_390:*:*:*:*:*",
"matchCriteriaId": "FF365F03-F95C-4047-BBA4-42EBD02E823B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_solaris:*:*:*:*:*",
"matchCriteriaId": "A2042D38-CF77-4149-9289-B3380F59D794",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_windows:*:*:*:*:*",
"matchCriteriaId": "D275C0DB-E942-4EB9-B6AA-3112C1A697DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail_emanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4CE79B6-B9E8-4775-B7BF-90C2758EECE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanning_engine:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB5BDA1-06D4-49B9-99CD-F8B67A5EB895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "38695C1D-DC51-45EB-9EEB-6E04490AFE6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7ACC41-E475-4770-B446-4B41EE008A26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "BE7E0AA8-220E-4E20-9FF0-95C22664AFA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:windows:*:*:*:*:*",
"matchCriteriaId": "5E2F6774-B29F-47E6-8E50-8CF4D9AB3EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:linux:*:*:*:*:*:*:*",
"matchCriteriaId": "7EB7A187-75F5-41B5-A6A9-2C28AC5F0F98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:linux_1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42A4608B-A7E7-4217-8F88-C12E9DEC9C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:novell_netware:*:*:*:*:*:*:*",
"matchCriteriaId": "2C1B8E24-4A28-4110-8DF4-72A5D19FAEAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:windows:*:*:*:*:*:*:*",
"matchCriteriaId": "7B0BE038-C7F1-45FE-BE54-3D4245B3F060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:viruswall:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1ABCB699-614A-45A5-B906-7650BB32EA29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:web_security_suite:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96D764CC-3574-4D95-8EA2-2C02F36EF133",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:webprotect:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "21F178A5-CEAF-407F-BDE1-2328A4B959A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en Trend Micro Scan Engine versiones 8.000 y 8.300 anteriores al archivo de patrones de virus versi\u00f3n 4.245.00, tal y como es usado en otros productos como Cyber Clean Center (CCC) Cleaner, permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un ejecutable comprimido UPX malformado."
}
],
"evaluatorImpact": "Failed exploit attempts will likely cause a denial-of-service condition.",
"id": "CVE-2007-0851",
"lastModified": "2024-11-21T00:26:53.657",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-02-08T18:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289"
},
{
"source": "cve@mitre.org",
"url": "http://jvn.jp/jp/JVN%2377366274/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/33038"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24087"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24128"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1017601"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017602"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017603"
},
{
"source": "cve@mitre.org",
"url": "http://www.jpcert.or.jp/at/2007/at070004.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/276432"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/22449"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0522"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0569"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/jp/JVN%2377366274/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/33038"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24128"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1017601"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017603"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.jpcert.or.jp/at/2007/at070004.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/276432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/22449"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0522"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0569"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32352"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-11-17 23:30
Modified
2024-11-21 00:18
Severity ?
Summary
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, probably related to an RPC interface.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | serverprotect | 5.7 | |
| trend_micro | serverprotect | 5.58 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "77A07A3A-25BF-4EBE-9B5C-46FBD0D2A3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "BE7E0AA8-220E-4E20-9FF0-95C22664AFA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, probably related to an RPC interface."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en la memoria libre para la reserva din\u00e1mica (heap) en un procedimiento no especificado de Trend Micro ServerProtect 5.7 y 5.58 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos, probablemente relacionados con una interfaz RPC."
}
],
"id": "CVE-2006-5269",
"lastModified": "2024-11-21T00:18:33.133",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-11-17T23:30:00.267",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32618"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/threats/308.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/threats/308.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31113"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-12-20 23:46
Modified
2024-11-21 00:40
Severity ?
Summary
SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes unspecified dangerous sub-functions from StRpcSrv.dll in the DCE/RPC interface, which allows remote attackers to obtain "full file system access" and execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | serverprotect | 5.58_security_patch_3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58_security_patch_3:*:windows:*:*:*:*:*",
"matchCriteriaId": "DF85A171-B399-48F3-B5F5-9A1AF0A669F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes unspecified dangerous sub-functions from StRpcSrv.dll in the DCE/RPC interface, which allows remote attackers to obtain \"full file system access\" and execute arbitrary code."
},
{
"lang": "es",
"value": "El demonio SpntSvc.exe en Trend Micro ServerProtect 5.58 para Windows, anterior al Security Patch 4, expone sub-funciones peligrosas no especificadas de StRpcSrv.dll en la interfaz DCE/RPC, lo cual permite a atacantes remotos obtener \"acceso completo al sistema de ficheros\" y ejecutar c\u00f3digo de su elecci\u00f3n."
}
],
"id": "CVE-2007-6507",
"lastModified": "2024-11-21T00:40:19.343",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-12-20T23:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/44318"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26523"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3475"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/485250/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26912"
},
{
"source": "cve@mitre.org",
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-077.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/44318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26523"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3475"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/485250/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26912"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-077.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-08-22 23:17
Modified
2024-11-21 00:35
Severity ?
Summary
Integer overflow in the RPCFN_SYNC_TASK function in StRpcSrv.dll, as used by the ServerProtect service (SpntSvc.exe), in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a certain integer field in a request packet to TCP port 5168, which triggers a heap-based buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | serverprotect | 5.58 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:build_1176_for_windows:*:*:*:*:*:*",
"matchCriteriaId": "E260C8CE-53F3-4960-A799-536B94840793",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the RPCFN_SYNC_TASK function in StRpcSrv.dll, as used by the ServerProtect service (SpntSvc.exe), in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a certain integer field in a request packet to TCP port 5168, which triggers a heap-based buffer overflow."
},
{
"lang": "es",
"value": "Un desbordamiento de enteros en la funci\u00f3n RPCFN_SYNC_TASK de la biblioteca StRpcSrv.dll, tal y como es usada en el servicio ServerProtect (archivo SpntSvc.exe), en Trend Micro ServerProtect para Windows versiones anteriores a 5.58 Parche de Seguridad 4, permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un determinado campo de enteros en un paquete de petici\u00f3n hacia el puerto TCP 5168, lo que desencadena un desbordamiento de b\u00fafer."
}
],
"id": "CVE-2007-4219",
"lastModified": "2024-11-21T00:35:04.197",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-08-22T23:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=588"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26523"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3052"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1018594"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/959400"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/25396"
},
{
"source": "cve@mitre.org",
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-235A.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/2934"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36168"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=588"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26523"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1018594"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/959400"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/25396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-235A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/2934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36168"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-05-09 00:19
Modified
2024-11-21 00:31
Severity ?
Summary
Multiple buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2- Build 1174 allow remote attackers to execute arbitrary code via a crafted RPC message processed by the (1) the RPCFN_ActiveRollback function in (a) stcommon.dll, or the (2) ENG_SetRealTimeScanConfigInfo or (3) ENG_SendEmail functions in (b) eng50.dll.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | serverprotect | 5.58 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "BE7E0AA8-220E-4E20-9FF0-95C22664AFA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2- Build 1174 allow remote attackers to execute arbitrary code via a crafted RPC message processed by the (1) the RPCFN_ActiveRollback function in (a) stcommon.dll, or the (2) ENG_SetRealTimeScanConfigInfo or (3) ENG_SendEmail functions in (b) eng50.dll."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en Trend Micro ServerProtect 5.58 anterior al Security Patch 2-Build 1174 permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un mensaje RPC manipulado procesado por (1) la funci\u00f3n RPCFN_ActiveRollback de (a) stcommon.dll, o las funciones (2) ENG_SetRealTimeScanConfigInfo o (3) ENG_SendEmail de (b) eng50.dll."
}
],
"id": "CVE-2007-2533",
"lastModified": "2024-11-21T00:31:00.757",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-05-09T00:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35791"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35792"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.trendmicro.com/download_beta/product.asp?productid=17"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch2_readme.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1689"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34171"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35792"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.trendmicro.com/download_beta/product.asp?productid=17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch2_readme.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1689"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34171"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-14 20:07
Modified
2024-11-20 23:58
Severity ?
Summary
Directory traversal vulnerability in the Crystal Report component (rptserver.asp) in Trend Micro ServerProtect Management Console 5.58, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, and possibly earlier versions, allows remote attackers to read arbitrary files via the IMAGE parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | serverprotect | 5.58 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:emc:*:*:*:*:*",
"matchCriteriaId": "1364240C-2070-4CEA-BAE9-E94EAFFBBF1D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the Crystal Report component (rptserver.asp) in Trend Micro ServerProtect Management Console 5.58, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, and possibly earlier versions, allows remote attackers to read arbitrary files via the IMAGE parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de atravesamiento de directorios en componente Crystal Report (rptserver.asp) en Tren Micro Server Protect Managemente Console 5.58, usada en Control Manager 2.5 y 3.0 y Damage Cleanup Server 1.1, y posiblemente versiones anteriores, permite a atacantes remotos leer ficheros de su elecci\u00f3n mediante el par\u00e1metro IMAGE."
}
],
"id": "CVE-2005-1930",
"lastModified": "2024-11-20T23:58:26.360",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-14T20:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/18038"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/258"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015358"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=352\u0026type=vulnerabilities"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/21770"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/15867"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2005/2907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18038"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/258"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=352\u0026type=vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/21770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2005/2907"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-08-22 23:17
Modified
2024-11-21 00:35
Severity ?
Summary
Multiple buffer overflows in EarthAgent.exe in Trend Micro ServerProtect 5.58 for Windows before Security Patch 4 allow remote attackers to have an unknown impact via certain RPC function calls to (1) RPCFN_EVENTBACK_DoHotFix or (2) CMD_CHANGE_AGENT_REGISTER_INFO.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | serverprotect | 5.58 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:build_1176_for_windows:*:*:*:*:*:*",
"matchCriteriaId": "E260C8CE-53F3-4960-A799-536B94840793",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in EarthAgent.exe in Trend Micro ServerProtect 5.58 for Windows before Security Patch 4 allow remote attackers to have an unknown impact via certain RPC function calls to (1) RPCFN_EVENTBACK_DoHotFix or (2) CMD_CHANGE_AGENT_REGISTER_INFO."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en EarthAgent.exe de Trend Micro ServerProtect 5.58 para Windows anterior al Parche de Seguridad 4 permite a atacantes remotos tener un impacto desconocido mediante ciertas llamadas a funciones RPC a (1) RPCFN_EVENTBACK_DoHotFix o (2) CMD_CHANGE_AGENT_REGISTER_INFO."
}
],
"id": "CVE-2007-4490",
"lastModified": "2024-11-21T00:35:43.257",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-08-22T23:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26523"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3052"
},
{
"source": "cve@mitre.org",
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2934"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26523"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36181"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2024-11-20 23:55
Severity ?
Summary
Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:client-server-messaging_suite_smb:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "8C9AAAD5-E973-41CB-B7FD-85D1EA04F6D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:client-server_suite_smb:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "664CD81D-30AD-450B-A9FF-7C0FC61C938A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:as_400:*:*:*:*:*",
"matchCriteriaId": "CEEC709C-CE2F-435D-8595-3B7462F5D58A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:s_390:*:*:*:*:*",
"matchCriteriaId": "416653F7-D8D5-4947-A097-8E1298DD0FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:solaris:*:*:*:*:*",
"matchCriteriaId": "0416D605-20FC-4C87-8009-C240530A1B13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "4FFD939A-C783-4A02-9859-B823A57F8A5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "723E2C95-124F-422F-A241-AECA1D5E0D0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:netware:*:*:*:*:*:*:*",
"matchCriteriaId": "2A63C770-365B-4EAF-AF4B-1B379F943DF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.5:*:hp:*:*:*:*:*",
"matchCriteriaId": "9D2CAA96-4C71-482B-A033-E4AD0814C638",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.5.2:*:windows:*:*:*:*:*",
"matchCriteriaId": "0DEAD496-BB59-464D-9BBA-29158CF65C35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.6:*:linux:*:*:*:*:*",
"matchCriteriaId": "8767F042-4333-404A-B7D7-6830B6959890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.6:*:sun:*:*:*:*:*",
"matchCriteriaId": "C02396DD-CFBF-4019-8AC7-9C41821AF8E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.51:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF73278-A5E9-4975-9C0B-DD9413A33FA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.51_j:*:*:*:*:*:*:*",
"matchCriteriaId": "A7F86817-D352-452E-B80F-1402C8A76372",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:3.81:*:*:*:*:*:*:*",
"matchCriteriaId": "4086086F-4F57-4E73-B473-FFF33CD23F6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0F1E2358-2868-4D95-A783-0D7A591A691C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:linux:*:*:*:*:*",
"matchCriteriaId": "7E8ADD8C-2E58-4671-BECF-B02A5DE04A1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:solaris:*:*:*:*:*",
"matchCriteriaId": "4CD5D110-5FA3-4F6C-A727-06A73676EC9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "CD824873-B625-4755-ADC9-C6657CD63208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.0.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "E4B9603D-79FE-4E7C-A9F9-E9A24FBBDF3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.0.1:*:unix:*:*:*:*:*",
"matchCriteriaId": "475CED59-77F7-4E6B-8DB6-EFFC7F8D5929",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.4:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "75734296-9435-4A96-B30C-572BF1BBAD14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.5:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "61C0968D-D8F1-450C-B4E9-94535B4CF637",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:hp_ux:*:*:*:*:*",
"matchCriteriaId": "106EB780-7455-41F7-ADB0-67C541F6C53F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:solaris:*:*:*:*:*",
"matchCriteriaId": "A9EB55C4-00FB-4D2F-993D-27269F09CF08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:unix:*:*:*:*:*",
"matchCriteriaId": "1D8580C2-B757-4C4C-A9B6-960905101E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "D9AE5039-8467-48C2-8417-E7B18A48F0D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6.5:*:linux:*:*:*:*:*",
"matchCriteriaId": "82425C25-4464-4C69-A7C9-6B7369661E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.51:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "15B05F1A-7AA1-46E5-947B-C422F9618F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.52:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "EB4F32FC-8391-4B3B-AA42-07E392053A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.52_build1466:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "1BF5CF24-83B8-4AC3-A849-C56979CB38DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:5.1:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "25D7EFC1-4053-46E9-9081-3BBAB0300C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:aix:*:*:*:*:*",
"matchCriteriaId": "8B678239-DD77-488C-82FE-27D6FC47B94A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:linux_for_smb:*:*:*:*:*",
"matchCriteriaId": "071EDC78-C902-4D79-8CDF-F5DD30BF7027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:smb:*:*:*:*:*",
"matchCriteriaId": "55C6BD67-FE95-43A7-91F7-608DEC79C24A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "29EDFC0F-687B-4B56-8910-67C6E3907483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:windows_nt_for_smb:*:*:*:*:*",
"matchCriteriaId": "5A694256-BD24-4EED-9833-B15DCA874F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:linux:*:*:*:*:*",
"matchCriteriaId": "1DCB7541-8145-47CA-9F4E-4A600CA454EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:solaris:*:*:*:*:*",
"matchCriteriaId": "DB8B2F17-7C2B-4782-9492-D967A2AD8B3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "D1E65854-8869-41F7-BAFE-B7545FC98BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webmanager:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B1C33920-9BC7-41BC-BB66-723D0BAF2839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webmanager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A73B43D9-A721-4D48-A2D6-48A77355965F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webmanager:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F3645D-2B7D-44ED-83DE-ABF9016CD0D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webprotect:gold:*:isa:*:*:*:*:*",
"matchCriteriaId": "921B617D-F37E-4D10-A627-09F9678790B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:3.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4013BF7E-DE8F-4941-BF15-D17C8C88DB78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.0:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "093EED07-F4C1-47B2-9D08-3DE0D57D5CA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.1.1:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "CBA9F2BA-1274-465C-B723-ABB54CA17FE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BE60F5D9-35D0-4D0E-85D1-EE71E533622F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.5:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "6F37307A-7847-4D5A-99D8-8A4BE424CD21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BF74A292-2B1B-43FC-AA82-CFB04D7644E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.11:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "925DA405-9719-452C-8369-D4A60CC916C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "46575AE8-8718-44D8-AF5C-14F7981B3238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.13:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "F893D171-7AB3-4422-BA86-021B0211EE36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.54:*:*:*:*:*:*:*",
"matchCriteriaId": "A79FBAAA-D6B8-4A05-B8E1-D7549207EA5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D6CE3BB4-54BA-48DE-9CFC-C2241D99DA67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F25D89-826B-4FA0-AA8F-CD729F00F9BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE87037-D7CC-480B-BBD2-F1802294D4F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB43A95-60F8-425A-8434-C07EC799DC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBAA86F-8DE4-4BC8-B295-89CF981C28D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2000:*:*:*:*:*:*:*",
"matchCriteriaId": "9994E64C-0E8C-4A9C-A321-6A73A16E33AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2002:*:*:*:*:*:*:*",
"matchCriteriaId": "A65282E0-2332-4CAA-9BA9-3794C2CDE960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "E56D571B-649D-41E2-A502-6C1EBAB73F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:portalprotect:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C991F564-93D1-4E63-8B71-B0C9CD9BECA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:2.6:*:domino:*:*:*:*:*",
"matchCriteriaId": "195D657C-4A4B-4832-B1A6-056FB990401E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:2.51:*:domino:*:*:*:*:*",
"matchCriteriaId": "929BCF43-AC3A-43D0-8819-7673996D216D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:3.8:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "3BFF861D-F544-4902-A958-BE566FB85738",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:3.81:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "3B282BE2-8116-48A7-B6D6-544983FF72C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:6.1:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "C81AFD13-0883-48F5-BD6B-707CFFE07262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_aix:*:*:*:*:*",
"matchCriteriaId": "B4963C96-FA13-4E54-8EE3-8E169CACBF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_as_400:*:*:*:*:*",
"matchCriteriaId": "C3E0300A-27F7-47C1-B725-55FF0BE92FF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_s_390:*:*:*:*:*",
"matchCriteriaId": "FF365F03-F95C-4047-BBA4-42EBD02E823B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_solaris:*:*:*:*:*",
"matchCriteriaId": "A2042D38-CF77-4149-9289-B3380F59D794",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_windows:*:*:*:*:*",
"matchCriteriaId": "D275C0DB-E942-4EB9-B6AA-3112C1A697DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail_emanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4CE79B6-B9E8-4775-B7BF-90C2758EECE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:1.3:*:linux:*:*:*:*:*",
"matchCriteriaId": "FB28FE16-F163-4287-9A4E-843C2E67792E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:1.25_2007-02-16:*:linux:*:*:*:*:*",
"matchCriteriaId": "6E8704FA-AA3C-4664-A5AA-50F60AE77642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:2.5:*:linux:*:*:*:*:*",
"matchCriteriaId": "BEDB64E2-6157-47C1-842E-26A40A885ECD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "38695C1D-DC51-45EB-9EEB-6E04490AFE6F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure."
}
],
"id": "CVE-2005-0533",
"lastModified": "2024-11-20T23:55:21.023",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14396"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1013289"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1013290"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/12643"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://xforce.iss.net/xforce/alerts/id/189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1013289"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1013290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/12643"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://xforce.iss.net/xforce/alerts/id/189"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-11-17 23:30
Modified
2024-11-21 00:40
Severity ?
Summary
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0013 and CVE-2008-0014.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | serverprotect | 5.7 | |
| trend_micro | serverprotect | 5.58 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "77A07A3A-25BF-4EBE-9B5C-46FBD0D2A3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "BE7E0AA8-220E-4E20-9FF0-95C22664AFA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product\u0027s configuration, a different vulnerability than CVE-2008-0013 and CVE-2008-0014."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en la memoria libre para la reserva din\u00e1mica (heap) en un procedimiento desconocido de Trend Micro ServerProtect 5.7 y 5.58 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos, posiblemente relacionados con la configuraci\u00f3n del producto, una vulnerabilidad diferente de CVE-2008-0012 y CVE-2008-0013."
}
],
"id": "CVE-2008-0012",
"lastModified": "2024-11-21T00:40:58.360",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-11-17T23:30:00.377",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32618"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/threats/310.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/threats/310.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39918"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2007-4218
Vulnerability from cvelistv5
Published
2007-08-22 23:00
Modified
2024-08-07 14:46
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in the ServerProtect service (SpntSvc.exe) in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allow remote attackers to execute arbitrary code via certain RPC requests to certain TCP ports that are processed by the (1) RPCFN_ENG_NewManualScan, (2) RPCFN_ENG_TimedNewManualScan, and (3) RPCFN_SetComputerName functions in (a) StRpcSrv.dll; the (4) RPCFN_CMON_SetSvcImpersonateUser and (5) RPCFN_OldCMON_SetSvcImpersonateUser functions in (b) Stcommon.dll; the (6) RPCFN_ENG_TakeActionOnAFile and (7) RPCFN_ENG_AddTaskExportLogItem functions in (c) Eng50.dll; the (8) NTF_SetPagerNotifyConfig function in (d) Notification.dll; or the (9) RPCFN_CopyAUSrc function in the (e) ServerProtect Agent service.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:46:39.405Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#109056",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/109056"
},
{
"name": "20070821 Trend Micro ServerProtect Multiple Buffer Overflow Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=587"
},
{
"name": "serverprotect-stcommondll-bo(36174)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36174"
},
{
"name": "25395",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25395"
},
{
"name": "serverprotect-notification-bo(36176)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36176"
},
{
"name": "serverprotect-agent-rpcfncopyausrc-bo(36178)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36178"
},
{
"name": "20070907 ZDI-07-050: Trend Micro ServerProtect RPCFN_SetComputerName() Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/478866/100/0/threaded"
},
{
"name": "VU#204448",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/204448"
},
{
"name": "serverprotect-eng50dll-bo(36175)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36175"
},
{
"name": "TA07-235A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-235A.html"
},
{
"name": "ADV-2007-2934",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2934"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-050.html"
},
{
"name": "1018594",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018594"
},
{
"name": "3052",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3052"
},
{
"name": "serverprotect-strpcsrv-bo(36172)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36172"
},
{
"name": "26523",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26523"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the ServerProtect service (SpntSvc.exe) in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allow remote attackers to execute arbitrary code via certain RPC requests to certain TCP ports that are processed by the (1) RPCFN_ENG_NewManualScan, (2) RPCFN_ENG_TimedNewManualScan, and (3) RPCFN_SetComputerName functions in (a) StRpcSrv.dll; the (4) RPCFN_CMON_SetSvcImpersonateUser and (5) RPCFN_OldCMON_SetSvcImpersonateUser functions in (b) Stcommon.dll; the (6) RPCFN_ENG_TakeActionOnAFile and (7) RPCFN_ENG_AddTaskExportLogItem functions in (c) Eng50.dll; the (8) NTF_SetPagerNotifyConfig function in (d) Notification.dll; or the (9) RPCFN_CopyAUSrc function in the (e) ServerProtect Agent service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#109056",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/109056"
},
{
"name": "20070821 Trend Micro ServerProtect Multiple Buffer Overflow Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=587"
},
{
"name": "serverprotect-stcommondll-bo(36174)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36174"
},
{
"name": "25395",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25395"
},
{
"name": "serverprotect-notification-bo(36176)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36176"
},
{
"name": "serverprotect-agent-rpcfncopyausrc-bo(36178)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36178"
},
{
"name": "20070907 ZDI-07-050: Trend Micro ServerProtect RPCFN_SetComputerName() Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/478866/100/0/threaded"
},
{
"name": "VU#204448",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/204448"
},
{
"name": "serverprotect-eng50dll-bo(36175)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36175"
},
{
"name": "TA07-235A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-235A.html"
},
{
"name": "ADV-2007-2934",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2934"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-050.html"
},
{
"name": "1018594",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018594"
},
{
"name": "3052",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3052"
},
{
"name": "serverprotect-strpcsrv-bo(36172)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36172"
},
{
"name": "26523",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26523"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4218",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the ServerProtect service (SpntSvc.exe) in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allow remote attackers to execute arbitrary code via certain RPC requests to certain TCP ports that are processed by the (1) RPCFN_ENG_NewManualScan, (2) RPCFN_ENG_TimedNewManualScan, and (3) RPCFN_SetComputerName functions in (a) StRpcSrv.dll; the (4) RPCFN_CMON_SetSvcImpersonateUser and (5) RPCFN_OldCMON_SetSvcImpersonateUser functions in (b) Stcommon.dll; the (6) RPCFN_ENG_TakeActionOnAFile and (7) RPCFN_ENG_AddTaskExportLogItem functions in (c) Eng50.dll; the (8) NTF_SetPagerNotifyConfig function in (d) Notification.dll; or the (9) RPCFN_CopyAUSrc function in the (e) ServerProtect Agent service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#109056",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/109056"
},
{
"name": "20070821 Trend Micro ServerProtect Multiple Buffer Overflow Vulnerabilities",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=587"
},
{
"name": "serverprotect-stcommondll-bo(36174)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36174"
},
{
"name": "25395",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25395"
},
{
"name": "serverprotect-notification-bo(36176)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36176"
},
{
"name": "serverprotect-agent-rpcfncopyausrc-bo(36178)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36178"
},
{
"name": "20070907 ZDI-07-050: Trend Micro ServerProtect RPCFN_SetComputerName() Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/478866/100/0/threaded"
},
{
"name": "VU#204448",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/204448"
},
{
"name": "serverprotect-eng50dll-bo(36175)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36175"
},
{
"name": "TA07-235A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-235A.html"
},
{
"name": "ADV-2007-2934",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2934"
},
{
"name": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-050.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-050.html"
},
{
"name": "1018594",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018594"
},
{
"name": "3052",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3052"
},
{
"name": "serverprotect-strpcsrv-bo(36172)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36172"
},
{
"name": "26523",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26523"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4218",
"datePublished": "2007-08-22T23:00:00",
"dateReserved": "2007-08-08T00:00:00",
"dateUpdated": "2024-08-07T14:46:39.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-0012
Vulnerability from cvelistv5
Published
2008-11-17 23:00
Modified
2024-08-07 07:32
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0013 and CVE-2008-0014.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/32618 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/32261 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/39918 | vdb-entry, x_refsource_XF | |
| http://www.iss.net/threats/310.html | third-party-advisory, x_refsource_ISS | |
| http://www.kb.cert.org/vuls/id/768681 | third-party-advisory, x_refsource_CERT-VN | |
| http://blogs.iss.net/archive/trend.html | x_refsource_MISC | |
| http://www.vupen.com/english/advisories/2008/3127 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:32:23.366Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32618"
},
{
"name": "32261",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "application-rpc-config1-bo(39918)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39918"
},
{
"name": "20081111 Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflows (3)",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/310.html"
},
{
"name": "VU#768681",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3127"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product\u0027s configuration, a different vulnerability than CVE-2008-0013 and CVE-2008-0014."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32618"
},
{
"name": "32261",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "application-rpc-config1-bo(39918)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39918"
},
{
"name": "20081111 Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflows (3)",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/310.html"
},
{
"name": "VU#768681",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3127"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0012",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product\u0027s configuration, a different vulnerability than CVE-2008-0013 and CVE-2008-0014."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32618",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32618"
},
{
"name": "32261",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "application-rpc-config1-bo(39918)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39918"
},
{
"name": "20081111 Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflows (3)",
"refsource": "ISS",
"url": "http://www.iss.net/threats/310.html"
},
{
"name": "VU#768681",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"name": "http://blogs.iss.net/archive/trend.html",
"refsource": "MISC",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3127"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0012",
"datePublished": "2008-11-17T23:00:00",
"dateReserved": "2007-12-13T00:00:00",
"dateUpdated": "2024-08-07T07:32:23.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1070
Vulnerability from cvelistv5
Published
2007-02-21 11:00
Modified
2024-08-07 12:43
Severity ?
EPSS score ?
Summary
Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback functions in (a) StCommon.dll, and (4) ENG_SetRealTimeScanConfigInfo and (5) ENG_SendEMail functions in (b) eng50.dll.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:22.549Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.tippingpoint.com/security/advisories/TSRT-07-01.html"
},
{
"name": "VU#466609",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/466609"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch1_readme.txt"
},
{
"name": "24243",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24243"
},
{
"name": "33042",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33042"
},
{
"name": "VU#630025",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/630025"
},
{
"name": "20070220 TSRT-07-02: Trend Micro ServerProtect eng50.dll Stack Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/460690/100/0/threaded"
},
{
"name": "20070220 TSRT-07-01: Trend Micro ServerProtect StCommon.dll Stack Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/460686/100/0/threaded"
},
{
"name": "VU#730433",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/730433"
},
{
"name": "serverprotect-eng50-bo(32594)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32594"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290"
},
{
"name": "22639",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22639"
},
{
"name": "ADV-2007-0670",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0670"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.tippingpoint.com/security/advisories/TSRT-07-02.html"
},
{
"name": "VU#349393",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/349393"
},
{
"name": "serverprotect-stcommon-bo(32601)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32601"
},
{
"name": "1017676",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017676"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback functions in (a) StCommon.dll, and (4) ENG_SetRealTimeScanConfigInfo and (5) ENG_SendEMail functions in (b) eng50.dll."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.tippingpoint.com/security/advisories/TSRT-07-01.html"
},
{
"name": "VU#466609",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/466609"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch1_readme.txt"
},
{
"name": "24243",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24243"
},
{
"name": "33042",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33042"
},
{
"name": "VU#630025",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/630025"
},
{
"name": "20070220 TSRT-07-02: Trend Micro ServerProtect eng50.dll Stack Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/460690/100/0/threaded"
},
{
"name": "20070220 TSRT-07-01: Trend Micro ServerProtect StCommon.dll Stack Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/460686/100/0/threaded"
},
{
"name": "VU#730433",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/730433"
},
{
"name": "serverprotect-eng50-bo(32594)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32594"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290"
},
{
"name": "22639",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22639"
},
{
"name": "ADV-2007-0670",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0670"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.tippingpoint.com/security/advisories/TSRT-07-02.html"
},
{
"name": "VU#349393",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/349393"
},
{
"name": "serverprotect-stcommon-bo(32601)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32601"
},
{
"name": "1017676",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017676"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1070",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback functions in (a) StCommon.dll, and (4) ENG_SetRealTimeScanConfigInfo and (5) ENG_SendEMail functions in (b) eng50.dll."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.tippingpoint.com/security/advisories/TSRT-07-01.html",
"refsource": "MISC",
"url": "http://www.tippingpoint.com/security/advisories/TSRT-07-01.html"
},
{
"name": "VU#466609",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/466609"
},
{
"name": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch1_readme.txt",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch1_readme.txt"
},
{
"name": "24243",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24243"
},
{
"name": "33042",
"refsource": "OSVDB",
"url": "http://osvdb.org/33042"
},
{
"name": "VU#630025",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/630025"
},
{
"name": "20070220 TSRT-07-02: Trend Micro ServerProtect eng50.dll Stack Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460690/100/0/threaded"
},
{
"name": "20070220 TSRT-07-01: Trend Micro ServerProtect StCommon.dll Stack Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460686/100/0/threaded"
},
{
"name": "VU#730433",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/730433"
},
{
"name": "serverprotect-eng50-bo(32594)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32594"
},
{
"name": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290",
"refsource": "CONFIRM",
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290"
},
{
"name": "22639",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22639"
},
{
"name": "ADV-2007-0670",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0670"
},
{
"name": "http://www.tippingpoint.com/security/advisories/TSRT-07-02.html",
"refsource": "MISC",
"url": "http://www.tippingpoint.com/security/advisories/TSRT-07-02.html"
},
{
"name": "VU#349393",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/349393"
},
{
"name": "serverprotect-stcommon-bo(32601)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32601"
},
{
"name": "1017676",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017676"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1070",
"datePublished": "2007-02-21T11:00:00",
"dateReserved": "2007-02-20T00:00:00",
"dateUpdated": "2024-08-07T12:43:22.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-0072
Vulnerability from cvelistv5
Published
2008-11-17 23:00
Modified
2024-08-07 12:03
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a read operation over RPC.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/32618 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/32261 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/38760 | vdb-entry, x_refsource_XF | |
| http://www.kb.cert.org/vuls/id/768681 | third-party-advisory, x_refsource_CERT-VN | |
| http://blogs.iss.net/archive/trend.html | x_refsource_MISC | |
| http://www.vupen.com/english/advisories/2008/3127 | vdb-entry, x_refsource_VUPEN | |
| http://www.iss.net/threats/309.html | third-party-advisory, x_refsource_ISS |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:03:37.049Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32618"
},
{
"name": "32261",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "application-rpc-read-bo(38760)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38760"
},
{
"name": "VU#768681",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"name": "20081111 Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflows (3)",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/309.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a read operation over RPC."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32618"
},
{
"name": "32261",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "application-rpc-read-bo(38760)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38760"
},
{
"name": "VU#768681",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"name": "20081111 Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflows (3)",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/309.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0072",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a read operation over RPC."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32618",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32618"
},
{
"name": "32261",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "application-rpc-read-bo(38760)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38760"
},
{
"name": "VU#768681",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"name": "http://blogs.iss.net/archive/trend.html",
"refsource": "MISC",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"name": "20081111 Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflows (3)",
"refsource": "ISS",
"url": "http://www.iss.net/threats/309.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0072",
"datePublished": "2008-11-17T23:00:00",
"dateReserved": "2007-01-04T00:00:00",
"dateUpdated": "2024-08-07T12:03:37.049Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-0073
Vulnerability from cvelistv5
Published
2008-11-17 23:00
Modified
2024-08-07 12:03
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a file read operation over RPC.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/32618 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/32261 | vdb-entry, x_refsource_BID | |
| http://www.kb.cert.org/vuls/id/768681 | third-party-advisory, x_refsource_CERT-VN | |
| http://blogs.iss.net/archive/trend.html | x_refsource_MISC | |
| http://www.vupen.com/english/advisories/2008/3127 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/39050 | vdb-entry, x_refsource_XF | |
| http://www.iss.net/threats/309.html | third-party-advisory, x_refsource_ISS |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:03:37.006Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32618"
},
{
"name": "32261",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "VU#768681",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"name": "application-rpc-file-read-bo(39050)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39050"
},
{
"name": "20081111 Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflows (3)",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/309.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a file read operation over RPC."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32618"
},
{
"name": "32261",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "VU#768681",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"name": "application-rpc-file-read-bo(39050)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39050"
},
{
"name": "20081111 Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflows (3)",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/309.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0073",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a file read operation over RPC."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32618",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32618"
},
{
"name": "32261",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "VU#768681",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"name": "http://blogs.iss.net/archive/trend.html",
"refsource": "MISC",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"name": "application-rpc-file-read-bo(39050)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39050"
},
{
"name": "20081111 Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflows (3)",
"refsource": "ISS",
"url": "http://www.iss.net/threats/309.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0073",
"datePublished": "2008-11-17T23:00:00",
"dateReserved": "2007-01-04T00:00:00",
"dateUpdated": "2024-08-07T12:03:37.006Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-1929
Vulnerability from cvelistv5
Published
2005-12-14 21:00
Modified
2024-08-07 22:06
Severity ?
EPSS score ?
Summary
Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via "wrapped" length values in Chunked transfer requests. NOTE: the original report suggests that the relay.dll issue is related to a problem in which a Microsoft Foundation Classes (MFC) static library returns invalid values under heavy load. As such, this might not be a vulnerability in Trend Micro's product.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/18038 | third-party-advisory, x_refsource_SECUNIA | |
| http://securityreason.com/securityalert/257 | third-party-advisory, x_refsource_SREASON | |
| http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039978.html | mailing-list, x_refsource_FULLDISC | |
| http://securitytracker.com/id?1015358 | vdb-entry, x_refsource_SECTRACK | |
| http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039972.html | mailing-list, x_refsource_FULLDISC | |
| http://www.osvdb.org/21772 | vdb-entry, x_refsource_OSVDB | |
| http://www.osvdb.org/21771 | vdb-entry, x_refsource_OSVDB | |
| http://www.idefense.com/application/poi/display?id=353&type=vulnerabilities | third-party-advisory, x_refsource_IDEFENSE | |
| http://securityreason.com/securityalert/256 | third-party-advisory, x_refsource_SREASON | |
| http://www.securityfocus.com/bid/15865 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/bid/15866 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2005/2907 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:06:57.662Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18038",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18038"
},
{
"name": "257",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/257"
},
{
"name": "20051214 Re: iDefense Security Advisory 12.14.05: Trend Micro ServerProtect relay.dll Chunked Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039978.html"
},
{
"name": "1015358",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015358"
},
{
"name": "20051214 Re: iDefense Security Advisory 12.14.05: Trend Micro ServerProtect relay.dll Chunked Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039972.html"
},
{
"name": "21772",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/21772"
},
{
"name": "21771",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/21771"
},
{
"name": "20051214 Trend Micro ServerProtect isaNVWRequest.dll Chunked Overflow",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=353\u0026type=vulnerabilities"
},
{
"name": "256",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/256"
},
{
"name": "15865",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15865"
},
{
"name": "15866",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15866"
},
{
"name": "ADV-2005-2907",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2907"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via \"wrapped\" length values in Chunked transfer requests. NOTE: the original report suggests that the relay.dll issue is related to a problem in which a Microsoft Foundation Classes (MFC) static library returns invalid values under heavy load. As such, this might not be a vulnerability in Trend Micro\u0027s product."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-12-20T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "18038",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18038"
},
{
"name": "257",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/257"
},
{
"name": "20051214 Re: iDefense Security Advisory 12.14.05: Trend Micro ServerProtect relay.dll Chunked Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039978.html"
},
{
"name": "1015358",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015358"
},
{
"name": "20051214 Re: iDefense Security Advisory 12.14.05: Trend Micro ServerProtect relay.dll Chunked Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039972.html"
},
{
"name": "21772",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/21772"
},
{
"name": "21771",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/21771"
},
{
"name": "20051214 Trend Micro ServerProtect isaNVWRequest.dll Chunked Overflow",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=353\u0026type=vulnerabilities"
},
{
"name": "256",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/256"
},
{
"name": "15865",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15865"
},
{
"name": "15866",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15866"
},
{
"name": "ADV-2005-2907",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2907"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1929",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via \"wrapped\" length values in Chunked transfer requests. NOTE: the original report suggests that the relay.dll issue is related to a problem in which a Microsoft Foundation Classes (MFC) static library returns invalid values under heavy load. As such, this might not be a vulnerability in Trend Micro\u0027s product."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18038",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18038"
},
{
"name": "257",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/257"
},
{
"name": "20051214 Re: iDefense Security Advisory 12.14.05: Trend Micro ServerProtect relay.dll Chunked Overflow Vulnerability",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039978.html"
},
{
"name": "1015358",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015358"
},
{
"name": "20051214 Re: iDefense Security Advisory 12.14.05: Trend Micro ServerProtect relay.dll Chunked Overflow Vulnerability",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039972.html"
},
{
"name": "21772",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21772"
},
{
"name": "21771",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21771"
},
{
"name": "20051214 Trend Micro ServerProtect isaNVWRequest.dll Chunked Overflow",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=353\u0026type=vulnerabilities"
},
{
"name": "256",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/256"
},
{
"name": "15865",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15865"
},
{
"name": "15866",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15866"
},
{
"name": "ADV-2005-2907",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2907"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1929",
"datePublished": "2005-12-14T21:00:00",
"dateReserved": "2005-06-08T00:00:00",
"dateUpdated": "2024-08-07T22:06:57.662Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-5268
Vulnerability from cvelistv5
Published
2008-11-17 23:00
Modified
2024-08-07 19:41
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via vectors related to obtaining "administrative access to the RPC interface."
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/32618 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/31112 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/32261 | vdb-entry, x_refsource_BID | |
| http://www.kb.cert.org/vuls/id/768681 | third-party-advisory, x_refsource_CERT-VN | |
| http://blogs.iss.net/archive/trend.html | x_refsource_MISC | |
| http://www.vupen.com/english/advisories/2008/3127 | vdb-entry, x_refsource_VUPEN | |
| http://www.iss.net/threats/307.html | third-party-advisory, x_refsource_ISS |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.355Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32618"
},
{
"name": "application-unauth-admin-access(31112)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31112"
},
{
"name": "32261",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "VU#768681",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"name": "20081111 Trend Micro ServerProtect Unauthenticated Remote Administration",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/307.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via vectors related to obtaining \"administrative access to the RPC interface.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32618"
},
{
"name": "application-unauth-admin-access(31112)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31112"
},
{
"name": "32261",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "VU#768681",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"name": "20081111 Trend Micro ServerProtect Unauthenticated Remote Administration",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/307.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5268",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via vectors related to obtaining \"administrative access to the RPC interface.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32618",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32618"
},
{
"name": "application-unauth-admin-access(31112)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31112"
},
{
"name": "32261",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "VU#768681",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"name": "http://blogs.iss.net/archive/trend.html",
"refsource": "MISC",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"name": "20081111 Trend Micro ServerProtect Unauthenticated Remote Administration",
"refsource": "ISS",
"url": "http://www.iss.net/threats/307.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5268",
"datePublished": "2008-11-17T23:00:00",
"dateReserved": "2006-10-13T00:00:00",
"dateUpdated": "2024-08-07T19:41:05.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-1930
Vulnerability from cvelistv5
Published
2005-12-14 20:00
Modified
2024-08-07 22:06
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in the Crystal Report component (rptserver.asp) in Trend Micro ServerProtect Management Console 5.58, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, and possibly earlier versions, allows remote attackers to read arbitrary files via the IMAGE parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/18038 | third-party-advisory, x_refsource_SECUNIA | |
| http://securitytracker.com/id?1015358 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/15867 | vdb-entry, x_refsource_BID | |
| http://www.idefense.com/application/poi/display?id=352&type=vulnerabilities | third-party-advisory, x_refsource_IDEFENSE | |
| http://www.osvdb.org/21770 | vdb-entry, x_refsource_OSVDB | |
| http://securityreason.com/securityalert/258 | third-party-advisory, x_refsource_SREASON | |
| http://www.vupen.com/english/advisories/2005/2907 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:06:57.667Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18038",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18038"
},
{
"name": "1015358",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015358"
},
{
"name": "15867",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15867"
},
{
"name": "20051214 Trend Micro ServerProtect Crystal Reports ReportServer File Disclosure",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=352\u0026type=vulnerabilities"
},
{
"name": "21770",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/21770"
},
{
"name": "258",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/258"
},
{
"name": "ADV-2005-2907",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2907"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the Crystal Report component (rptserver.asp) in Trend Micro ServerProtect Management Console 5.58, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, and possibly earlier versions, allows remote attackers to read arbitrary files via the IMAGE parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-12-20T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "18038",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18038"
},
{
"name": "1015358",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015358"
},
{
"name": "15867",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15867"
},
{
"name": "20051214 Trend Micro ServerProtect Crystal Reports ReportServer File Disclosure",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=352\u0026type=vulnerabilities"
},
{
"name": "21770",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/21770"
},
{
"name": "258",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/258"
},
{
"name": "ADV-2005-2907",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2907"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1930",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the Crystal Report component (rptserver.asp) in Trend Micro ServerProtect Management Console 5.58, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, and possibly earlier versions, allows remote attackers to read arbitrary files via the IMAGE parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18038",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18038"
},
{
"name": "1015358",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015358"
},
{
"name": "15867",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15867"
},
{
"name": "20051214 Trend Micro ServerProtect Crystal Reports ReportServer File Disclosure",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=352\u0026type=vulnerabilities"
},
{
"name": "21770",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21770"
},
{
"name": "258",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/258"
},
{
"name": "ADV-2005-2907",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2907"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1930",
"datePublished": "2005-12-14T20:00:00",
"dateReserved": "2005-06-08T00:00:00",
"dateUpdated": "2024-08-07T22:06:57.667Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0533
Vulnerability from cvelistv5
Published
2005-02-24 05:00
Modified
2024-08-07 21:13
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution | x_refsource_CONFIRM | |
| http://securitytracker.com/id?1013290 | vdb-entry, x_refsource_SECTRACK | |
| http://securitytracker.com/id?1013289 | vdb-entry, x_refsource_SECTRACK | |
| http://xforce.iss.net/xforce/alerts/id/189 | third-party-advisory, x_refsource_ISS | |
| http://secunia.com/advisories/14396 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/12643 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:13:54.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution"
},
{
"name": "1013290",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013290"
},
{
"name": "1013289",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013289"
},
{
"name": "20050224 Trend Micro AntiVirus Library Heap Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://xforce.iss.net/xforce/alerts/id/189"
},
{
"name": "14396",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14396"
},
{
"name": "12643",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12643"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-02-28T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution"
},
{
"name": "1013290",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013290"
},
{
"name": "1013289",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013289"
},
{
"name": "20050224 Trend Micro AntiVirus Library Heap Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://xforce.iss.net/xforce/alerts/id/189"
},
{
"name": "14396",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14396"
},
{
"name": "12643",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12643"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0533",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution"
},
{
"name": "1013290",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013290"
},
{
"name": "1013289",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013289"
},
{
"name": "20050224 Trend Micro AntiVirus Library Heap Overflow",
"refsource": "ISS",
"url": "http://xforce.iss.net/xforce/alerts/id/189"
},
{
"name": "14396",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14396"
},
{
"name": "12643",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12643"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0533",
"datePublished": "2005-02-24T05:00:00",
"dateReserved": "2005-02-24T00:00:00",
"dateUpdated": "2024-08-07T21:13:54.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1169
Vulnerability from cvelistv5
Published
2007-02-28 15:00
Modified
2024-09-17 02:27
Severity ?
EPSS score ?
Summary
The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 accepts logon requests through unencrypted HTTP, which might allow remote attackers to obtain credentials by sniffing the network.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.trendmicro.com/download/product.asp?productid=20 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:22.849Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/download/product.asp?productid=20"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 accepts logon requests through unencrypted HTTP, which might allow remote attackers to obtain credentials by sniffing the network."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-02-28T15:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/download/product.asp?productid=20"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1169",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 accepts logon requests through unencrypted HTTP, which might allow remote attackers to obtain credentials by sniffing the network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.trendmicro.com/download/product.asp?productid=20",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/download/product.asp?productid=20"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1169",
"datePublished": "2007-02-28T15:00:00Z",
"dateReserved": "2007-02-28T00:00:00Z",
"dateUpdated": "2024-09-17T02:27:13.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-0013
Vulnerability from cvelistv5
Published
2008-11-17 23:00
Modified
2024-08-07 07:32
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0012 and CVE-2008-0014.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/32618 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/32261 | vdb-entry, x_refsource_BID | |
| http://www.iss.net/threats/310.html | third-party-advisory, x_refsource_ISS | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/39919 | vdb-entry, x_refsource_XF | |
| http://www.kb.cert.org/vuls/id/768681 | third-party-advisory, x_refsource_CERT-VN | |
| http://blogs.iss.net/archive/trend.html | x_refsource_MISC | |
| http://www.vupen.com/english/advisories/2008/3127 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:32:23.202Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32618"
},
{
"name": "32261",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "20081111 Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflows (3)",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/310.html"
},
{
"name": "application-rpc-config2-bo(39919)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39919"
},
{
"name": "VU#768681",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3127"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product\u0027s configuration, a different vulnerability than CVE-2008-0012 and CVE-2008-0014."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32618"
},
{
"name": "32261",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "20081111 Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflows (3)",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/310.html"
},
{
"name": "application-rpc-config2-bo(39919)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39919"
},
{
"name": "VU#768681",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3127"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0013",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product\u0027s configuration, a different vulnerability than CVE-2008-0012 and CVE-2008-0014."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32618",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32618"
},
{
"name": "32261",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "20081111 Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflows (3)",
"refsource": "ISS",
"url": "http://www.iss.net/threats/310.html"
},
{
"name": "application-rpc-config2-bo(39919)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39919"
},
{
"name": "VU#768681",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"name": "http://blogs.iss.net/archive/trend.html",
"refsource": "MISC",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3127"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0013",
"datePublished": "2008-11-17T23:00:00",
"dateReserved": "2007-12-13T00:00:00",
"dateUpdated": "2024-08-07T07:32:23.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-0014
Vulnerability from cvelistv5
Published
2008-11-17 23:00
Modified
2024-08-07 07:32
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0012 and CVE-2008-0013.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/32618 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/32261 | vdb-entry, x_refsource_BID | |
| http://www.iss.net/threats/310.html | third-party-advisory, x_refsource_ISS | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/39920 | vdb-entry, x_refsource_XF | |
| http://www.kb.cert.org/vuls/id/768681 | third-party-advisory, x_refsource_CERT-VN | |
| http://blogs.iss.net/archive/trend.html | x_refsource_MISC | |
| http://www.vupen.com/english/advisories/2008/3127 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:32:23.309Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32618"
},
{
"name": "32261",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "20081111 Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflows (3)",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/310.html"
},
{
"name": "application-rpc-config3-bo(39920)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39920"
},
{
"name": "VU#768681",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3127"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product\u0027s configuration, a different vulnerability than CVE-2008-0012 and CVE-2008-0013."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32618"
},
{
"name": "32261",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "20081111 Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflows (3)",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/310.html"
},
{
"name": "application-rpc-config3-bo(39920)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39920"
},
{
"name": "VU#768681",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3127"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0014",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product\u0027s configuration, a different vulnerability than CVE-2008-0012 and CVE-2008-0013."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32618",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32618"
},
{
"name": "32261",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "20081111 Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflows (3)",
"refsource": "ISS",
"url": "http://www.iss.net/threats/310.html"
},
{
"name": "application-rpc-config3-bo(39920)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39920"
},
{
"name": "VU#768681",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"name": "http://blogs.iss.net/archive/trend.html",
"refsource": "MISC",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3127"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0014",
"datePublished": "2008-11-17T23:00:00",
"dateReserved": "2007-12-13T00:00:00",
"dateUpdated": "2024-08-07T07:32:23.309Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-2508
Vulnerability from cvelistv5
Published
2007-05-08 23:00
Modified
2024-08-07 13:42
Severity ?
EPSS score ?
Summary
Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to (1) TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in SpntSvc.exe; or (2) TCP port 3628, which triggers an overflow in EarthAgent.exe. NOTE: both issues are reachable via TmRpcSrv.dll.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:42:33.395Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-1689",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1689"
},
{
"name": "serverprotect-earthagent-bo(34163)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34163"
},
{
"name": "35790",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35790"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-025.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch2_readme.txt"
},
{
"name": "20070507 ZDI-07-024: Trend Micro ServerProtect EarthAgent Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/467932/100/0/threaded"
},
{
"name": "VU#515616",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/515616"
},
{
"name": "23868",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23868"
},
{
"name": "20070507 ZDI-07-025: Trend Micro ServerProtect AgRpcCln.dll Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/467933/100/0/threaded"
},
{
"name": "23866",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23866"
},
{
"name": "serverprotect-agrpccln-bo(34162)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34162"
},
{
"name": "1018010",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018010"
},
{
"name": "25186",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25186"
},
{
"name": "35789",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35789"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-024.html"
},
{
"name": "VU#488424",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/488424"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to (1) TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in SpntSvc.exe; or (2) TCP port 3628, which triggers an overflow in EarthAgent.exe. NOTE: both issues are reachable via TmRpcSrv.dll."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-1689",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1689"
},
{
"name": "serverprotect-earthagent-bo(34163)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34163"
},
{
"name": "35790",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35790"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-025.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch2_readme.txt"
},
{
"name": "20070507 ZDI-07-024: Trend Micro ServerProtect EarthAgent Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/467932/100/0/threaded"
},
{
"name": "VU#515616",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/515616"
},
{
"name": "23868",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23868"
},
{
"name": "20070507 ZDI-07-025: Trend Micro ServerProtect AgRpcCln.dll Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/467933/100/0/threaded"
},
{
"name": "23866",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23866"
},
{
"name": "serverprotect-agrpccln-bo(34162)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34162"
},
{
"name": "1018010",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018010"
},
{
"name": "25186",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25186"
},
{
"name": "35789",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35789"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-024.html"
},
{
"name": "VU#488424",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/488424"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2508",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to (1) TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in SpntSvc.exe; or (2) TCP port 3628, which triggers an overflow in EarthAgent.exe. NOTE: both issues are reachable via TmRpcSrv.dll."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1689",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1689"
},
{
"name": "serverprotect-earthagent-bo(34163)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34163"
},
{
"name": "35790",
"refsource": "OSVDB",
"url": "http://osvdb.org/35790"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-025.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-025.html"
},
{
"name": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch2_readme.txt",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch2_readme.txt"
},
{
"name": "20070507 ZDI-07-024: Trend Micro ServerProtect EarthAgent Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/467932/100/0/threaded"
},
{
"name": "VU#515616",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/515616"
},
{
"name": "23868",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23868"
},
{
"name": "20070507 ZDI-07-025: Trend Micro ServerProtect AgRpcCln.dll Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/467933/100/0/threaded"
},
{
"name": "23866",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23866"
},
{
"name": "serverprotect-agrpccln-bo(34162)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34162"
},
{
"name": "1018010",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018010"
},
{
"name": "25186",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25186"
},
{
"name": "35789",
"refsource": "OSVDB",
"url": "http://osvdb.org/35789"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-024.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-024.html"
},
{
"name": "VU#488424",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/488424"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2508",
"datePublished": "2007-05-08T23:00:00",
"dateReserved": "2007-05-07T00:00:00",
"dateUpdated": "2024-08-07T13:42:33.395Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-4490
Vulnerability from cvelistv5
Published
2007-08-22 23:00
Modified
2024-08-07 15:01
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in EarthAgent.exe in Trend Micro ServerProtect 5.58 for Windows before Security Patch 4 allow remote attackers to have an unknown impact via certain RPC function calls to (1) RPCFN_EVENTBACK_DoHotFix or (2) CMD_CHANGE_AGENT_REGISTER_INFO.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2007/2934 | vdb-entry, x_refsource_VUPEN | |
| http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/36181 | vdb-entry, x_refsource_XF | |
| http://securityreason.com/securityalert/3052 | third-party-advisory, x_refsource_SREASON | |
| http://secunia.com/advisories/26523 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:08.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-2934",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2934"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt"
},
{
"name": "serverprotect-earthagentexe-bo(36181)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36181"
},
{
"name": "3052",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3052"
},
{
"name": "26523",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26523"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in EarthAgent.exe in Trend Micro ServerProtect 5.58 for Windows before Security Patch 4 allow remote attackers to have an unknown impact via certain RPC function calls to (1) RPCFN_EVENTBACK_DoHotFix or (2) CMD_CHANGE_AGENT_REGISTER_INFO."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-2934",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2934"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt"
},
{
"name": "serverprotect-earthagentexe-bo(36181)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36181"
},
{
"name": "3052",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3052"
},
{
"name": "26523",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26523"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4490",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in EarthAgent.exe in Trend Micro ServerProtect 5.58 for Windows before Security Patch 4 allow remote attackers to have an unknown impact via certain RPC function calls to (1) RPCFN_EVENTBACK_DoHotFix or (2) CMD_CHANGE_AGENT_REGISTER_INFO."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2934",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2934"
},
{
"name": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt"
},
{
"name": "serverprotect-earthagentexe-bo(36181)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36181"
},
{
"name": "3052",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3052"
},
{
"name": "26523",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26523"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4490",
"datePublished": "2007-08-22T23:00:00",
"dateReserved": "2007-08-22T00:00:00",
"dateUpdated": "2024-08-07T15:01:08.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-0642
Vulnerability from cvelistv5
Published
2006-02-10 11:00
Modified
2024-08-07 16:41
Severity ?
EPSS score ?
Summary
Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a default configuration setting of "Do not scan compressed files when Extracted file count exceeds 500 files," which may be too low in certain circumstances, which allows remote attackers to bypass anti-virus checks by sending compressed archives containing many small files. NOTE: since this is related to a configuration setting that has an operational impact that might vary depending on the environment, and the product is claimed to report a message when the compressed file exceeds specified limits, perhaps this should not be included in CVE.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.packetstormsecurity.org/0602-advisories/Bypass.pdf | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/424598/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/archive/1/423896/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/16483 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/424172/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/24658 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/423914/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.packetstormsecurity.org/filedesc/Bypass.pdf.html | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/423913/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:41:29.011Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.packetstormsecurity.org/0602-advisories/Bypass.pdf"
},
{
"name": "20060206 Fwd: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/424598/100/0/threaded"
},
{
"name": "20060203 Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/423896/100/0/threaded"
},
{
"name": "16483",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16483"
},
{
"name": "20060205 RE: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/424172/100/0/threaded"
},
{
"name": "serverprotect-file-scanning-bypass(24658)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24658"
},
{
"name": "20060203 Re: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/423914/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.packetstormsecurity.org/filedesc/Bypass.pdf.html"
},
{
"name": "20060203 Re: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/423913/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a default configuration setting of \"Do not scan compressed files when Extracted file count exceeds 500 files,\" which may be too low in certain circumstances, which allows remote attackers to bypass anti-virus checks by sending compressed archives containing many small files. NOTE: since this is related to a configuration setting that has an operational impact that might vary depending on the environment, and the product is claimed to report a message when the compressed file exceeds specified limits, perhaps this should not be included in CVE."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.packetstormsecurity.org/0602-advisories/Bypass.pdf"
},
{
"name": "20060206 Fwd: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/424598/100/0/threaded"
},
{
"name": "20060203 Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/423896/100/0/threaded"
},
{
"name": "16483",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16483"
},
{
"name": "20060205 RE: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/424172/100/0/threaded"
},
{
"name": "serverprotect-file-scanning-bypass(24658)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24658"
},
{
"name": "20060203 Re: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/423914/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.packetstormsecurity.org/filedesc/Bypass.pdf.html"
},
{
"name": "20060203 Re: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/423913/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0642",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a default configuration setting of \"Do not scan compressed files when Extracted file count exceeds 500 files,\" which may be too low in certain circumstances, which allows remote attackers to bypass anti-virus checks by sending compressed archives containing many small files. NOTE: since this is related to a configuration setting that has an operational impact that might vary depending on the environment, and the product is claimed to report a message when the compressed file exceeds specified limits, perhaps this should not be included in CVE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.packetstormsecurity.org/0602-advisories/Bypass.pdf",
"refsource": "MISC",
"url": "http://www.packetstormsecurity.org/0602-advisories/Bypass.pdf"
},
{
"name": "20060206 Fwd: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/424598/100/0/threaded"
},
{
"name": "20060203 Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/423896/100/0/threaded"
},
{
"name": "16483",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16483"
},
{
"name": "20060205 RE: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/424172/100/0/threaded"
},
{
"name": "serverprotect-file-scanning-bypass(24658)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24658"
},
{
"name": "20060203 Re: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/423914/100/0/threaded"
},
{
"name": "http://www.packetstormsecurity.org/filedesc/Bypass.pdf.html",
"refsource": "MISC",
"url": "http://www.packetstormsecurity.org/filedesc/Bypass.pdf.html"
},
{
"name": "20060203 Re: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/423913/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0642",
"datePublished": "2006-02-10T11:00:00",
"dateReserved": "2006-02-10T00:00:00",
"dateUpdated": "2024-08-07T16:41:29.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-2528
Vulnerability from cvelistv5
Published
2007-05-08 23:00
Modified
2024-08-07 13:42
Severity ?
EPSS score ?
Summary
Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for Windows before Security Patch 3 Build 1176 allows remote attackers to execute arbitrary code via unknown vectors related to RPC requests. NOTE: this is probably a different vulnerability than CVE-2007-2508.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/35793 | vdb-entry, x_refsource_OSVDB | |
| http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch3_readme.txt | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:42:33.412Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "35793",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35793"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch3_readme.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for Windows before Security Patch 3 Build 1176 allows remote attackers to execute arbitrary code via unknown vectors related to RPC requests. NOTE: this is probably a different vulnerability than CVE-2007-2508."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-11-06T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "35793",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35793"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch3_readme.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2528",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for Windows before Security Patch 3 Build 1176 allows remote attackers to execute arbitrary code via unknown vectors related to RPC requests. NOTE: this is probably a different vulnerability than CVE-2007-2508."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35793",
"refsource": "OSVDB",
"url": "http://osvdb.org/35793"
},
{
"name": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch3_readme.txt",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch3_readme.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2528",
"datePublished": "2007-05-08T23:00:00",
"dateReserved": "2007-05-08T00:00:00",
"dateUpdated": "2024-08-07T13:42:33.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-6458
Vulnerability from cvelistv5
Published
2006-12-11 17:00
Modified
2024-08-07 20:26
Severity ?
EPSS score ?
Summary
The Trend Micro scan engine before 8.320 for Windows and before 8.150 on HP-UX and AIX, as used in Trend Micro PC Cillin - Internet Security 2006, Office Scan 7.3, and Server Protect 5.58, allows remote attackers to cause a denial of service (CPU consumption and system hang) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero, which triggers an infinite loop.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/21509 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/23321 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2006/4918 | vdb-entry, x_refsource_VUPEN | |
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439 | third-party-advisory, x_refsource_IDEFENSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:26:46.376Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21509",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21509"
},
{
"name": "23321",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23321"
},
{
"name": "ADV-2006-4918",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4918"
},
{
"name": "20061208 Multiple Vendor Antivirus RAR File Denial of Service Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Trend Micro scan engine before 8.320 for Windows and before 8.150 on HP-UX and AIX, as used in Trend Micro PC Cillin - Internet Security 2006, Office Scan 7.3, and Server Protect 5.58, allows remote attackers to cause a denial of service (CPU consumption and system hang) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero, which triggers an infinite loop."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-12-16T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21509",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21509"
},
{
"name": "23321",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23321"
},
{
"name": "ADV-2006-4918",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4918"
},
{
"name": "20061208 Multiple Vendor Antivirus RAR File Denial of Service Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6458",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Trend Micro scan engine before 8.320 for Windows and before 8.150 on HP-UX and AIX, as used in Trend Micro PC Cillin - Internet Security 2006, Office Scan 7.3, and Server Protect 5.58, allows remote attackers to cause a denial of service (CPU consumption and system hang) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero, which triggers an infinite loop."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21509",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21509"
},
{
"name": "23321",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23321"
},
{
"name": "ADV-2006-4918",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4918"
},
{
"name": "20061208 Multiple Vendor Antivirus RAR File Denial of Service Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6458",
"datePublished": "2006-12-11T17:00:00",
"dateReserved": "2006-12-11T00:00:00",
"dateUpdated": "2024-08-07T20:26:46.376Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-0851
Vulnerability from cvelistv5
Published
2007-02-08 18:00
Modified
2024-08-07 12:34
Severity ?
EPSS score ?
Summary
Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.122Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017601",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017601"
},
{
"name": "22449",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22449"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289"
},
{
"name": "1017603",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017603"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.jpcert.or.jp/at/2007/at070004.txt"
},
{
"name": "24087",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24087"
},
{
"name": "33038",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33038"
},
{
"name": "ADV-2007-0522",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0522"
},
{
"name": "JVN#77366274",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2377366274/index.html"
},
{
"name": "VU#276432",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/276432"
},
{
"name": "20070208 Trend Micro AntiVirus UPX Parsing Kernel Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470"
},
{
"name": "antivirus-upx-bo(32352)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32352"
},
{
"name": "ADV-2007-0569",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0569"
},
{
"name": "1017602",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017602"
},
{
"name": "24128",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24128"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017601",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017601"
},
{
"name": "22449",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22449"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289"
},
{
"name": "1017603",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017603"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.jpcert.or.jp/at/2007/at070004.txt"
},
{
"name": "24087",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24087"
},
{
"name": "33038",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33038"
},
{
"name": "ADV-2007-0522",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0522"
},
{
"name": "JVN#77366274",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2377366274/index.html"
},
{
"name": "VU#276432",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/276432"
},
{
"name": "20070208 Trend Micro AntiVirus UPX Parsing Kernel Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470"
},
{
"name": "antivirus-upx-bo(32352)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32352"
},
{
"name": "ADV-2007-0569",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0569"
},
{
"name": "1017602",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017602"
},
{
"name": "24128",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24128"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0851",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017601",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017601"
},
{
"name": "22449",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22449"
},
{
"name": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289",
"refsource": "CONFIRM",
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289"
},
{
"name": "1017603",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017603"
},
{
"name": "http://www.jpcert.or.jp/at/2007/at070004.txt",
"refsource": "MISC",
"url": "http://www.jpcert.or.jp/at/2007/at070004.txt"
},
{
"name": "24087",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24087"
},
{
"name": "33038",
"refsource": "OSVDB",
"url": "http://osvdb.org/33038"
},
{
"name": "ADV-2007-0522",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0522"
},
{
"name": "JVN#77366274",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2377366274/index.html"
},
{
"name": "VU#276432",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/276432"
},
{
"name": "20070208 Trend Micro AntiVirus UPX Parsing Kernel Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470"
},
{
"name": "antivirus-upx-bo(32352)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32352"
},
{
"name": "ADV-2007-0569",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0569"
},
{
"name": "1017602",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017602"
},
{
"name": "24128",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24128"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0851",
"datePublished": "2007-02-08T18:00:00",
"dateReserved": "2007-02-08T00:00:00",
"dateUpdated": "2024-08-07T12:34:21.122Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1168
Vulnerability from cvelistv5
Published
2007-02-28 15:00
Modified
2024-08-07 12:43
Severity ?
EPSS score ?
Summary
Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 allows remote attackers to access arbitrary web pages and reconfigure the product via HTTP requests with the splx_2376_info cookie to the web interface port (14942/tcp).
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.trendmicro.com/download/product.asp?productid=20 | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2007/0691 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/22662 | vdb-entry, x_refsource_BID | |
| http://securitytracker.com/id?1017685 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/24264 | third-party-advisory, x_refsource_SECUNIA | |
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=477 | third-party-advisory, x_refsource_IDEFENSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:22.582Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/download/product.asp?productid=20"
},
{
"name": "ADV-2007-0691",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0691"
},
{
"name": "22662",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22662"
},
{
"name": "1017685",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017685"
},
{
"name": "24264",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24264"
},
{
"name": "20070221 Trend Micro ServerProtect Web Interface Authorization Bypass Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=477"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 allows remote attackers to access arbitrary web pages and reconfigure the product via HTTP requests with the splx_2376_info cookie to the web interface port (14942/tcp)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/download/product.asp?productid=20"
},
{
"name": "ADV-2007-0691",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0691"
},
{
"name": "22662",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22662"
},
{
"name": "1017685",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017685"
},
{
"name": "24264",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24264"
},
{
"name": "20070221 Trend Micro ServerProtect Web Interface Authorization Bypass Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=477"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1168",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 allows remote attackers to access arbitrary web pages and reconfigure the product via HTTP requests with the splx_2376_info cookie to the web interface port (14942/tcp)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.trendmicro.com/download/product.asp?productid=20",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/download/product.asp?productid=20"
},
{
"name": "ADV-2007-0691",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0691"
},
{
"name": "22662",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22662"
},
{
"name": "1017685",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017685"
},
{
"name": "24264",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24264"
},
{
"name": "20070221 Trend Micro ServerProtect Web Interface Authorization Bypass Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=477"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1168",
"datePublished": "2007-02-28T15:00:00",
"dateReserved": "2007-02-28T00:00:00",
"dateUpdated": "2024-08-07T12:43:22.582Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-0074
Vulnerability from cvelistv5
Published
2008-11-17 23:00
Modified
2024-08-07 12:03
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a folder read operation over RPC.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/32618 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/32261 | vdb-entry, x_refsource_BID | |
| http://www.kb.cert.org/vuls/id/768681 | third-party-advisory, x_refsource_CERT-VN | |
| http://blogs.iss.net/archive/trend.html | x_refsource_MISC | |
| http://www.vupen.com/english/advisories/2008/3127 | vdb-entry, x_refsource_VUPEN | |
| http://www.iss.net/threats/309.html | third-party-advisory, x_refsource_ISS | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/39051 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:03:36.987Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32618"
},
{
"name": "32261",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "VU#768681",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"name": "20081111 Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflows (3)",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/309.html"
},
{
"name": "application-rpc-folder-read-bo(39051)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39051"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a folder read operation over RPC."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32618"
},
{
"name": "32261",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "VU#768681",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"name": "20081111 Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflows (3)",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/309.html"
},
{
"name": "application-rpc-folder-read-bo(39051)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39051"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0074",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a folder read operation over RPC."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32618",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32618"
},
{
"name": "32261",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "VU#768681",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"name": "http://blogs.iss.net/archive/trend.html",
"refsource": "MISC",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"name": "20081111 Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflows (3)",
"refsource": "ISS",
"url": "http://www.iss.net/threats/309.html"
},
{
"name": "application-rpc-folder-read-bo(39051)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39051"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0074",
"datePublished": "2008-11-17T23:00:00",
"dateReserved": "2007-01-04T00:00:00",
"dateUpdated": "2024-08-07T12:03:36.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-4731
Vulnerability from cvelistv5
Published
2007-09-12 01:00
Modified
2024-08-07 15:08
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the TMregChange function in TMReg.dll in Trend Micro ServerProtect before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 5005.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/45878 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/36512 | vdb-entry, x_refsource_XF | |
| http://www.zerodayinitiative.com/advisories/ZDI-07-051.html | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/478867/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://securityreason.com/securityalert/3128 | third-party-advisory, x_refsource_SREASON | |
| http://securitytracker.com/id?1018594 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:08:33.617Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45878",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/45878"
},
{
"name": "serverprotect-tmregchange-bo(36512)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36512"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-051.html"
},
{
"name": "20070907 ZDI-07-051: Trend Micro ServerProtect TMregChange() Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/478867/100/0/threaded"
},
{
"name": "3128",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3128"
},
{
"name": "1018594",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018594"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the TMregChange function in TMReg.dll in Trend Micro ServerProtect before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 5005."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "45878",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/45878"
},
{
"name": "serverprotect-tmregchange-bo(36512)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36512"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-051.html"
},
{
"name": "20070907 ZDI-07-051: Trend Micro ServerProtect TMregChange() Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/478867/100/0/threaded"
},
{
"name": "3128",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3128"
},
{
"name": "1018594",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018594"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4731",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the TMregChange function in TMReg.dll in Trend Micro ServerProtect before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 5005."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45878",
"refsource": "OSVDB",
"url": "http://osvdb.org/45878"
},
{
"name": "serverprotect-tmregchange-bo(36512)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36512"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-051.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-051.html"
},
{
"name": "20070907 ZDI-07-051: Trend Micro ServerProtect TMregChange() Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/478867/100/0/threaded"
},
{
"name": "3128",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3128"
},
{
"name": "1018594",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018594"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4731",
"datePublished": "2007-09-12T01:00:00",
"dateReserved": "2007-09-05T00:00:00",
"dateUpdated": "2024-08-07T15:08:33.617Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-5269
Vulnerability from cvelistv5
Published
2008-11-17 23:00
Modified
2024-08-07 19:41
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, probably related to an RPC interface.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/32618 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/32261 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/31113 | vdb-entry, x_refsource_XF | |
| http://www.kb.cert.org/vuls/id/768681 | third-party-advisory, x_refsource_CERT-VN | |
| http://blogs.iss.net/archive/trend.html | x_refsource_MISC | |
| http://www.vupen.com/english/advisories/2008/3127 | vdb-entry, x_refsource_VUPEN | |
| http://www.iss.net/threats/308.html | third-party-advisory, x_refsource_ISS |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.346Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32618"
},
{
"name": "32261",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "application-rpc-interface-bo(31113)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31113"
},
{
"name": "VU#768681",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"name": "20081111 Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/308.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, probably related to an RPC interface."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32618"
},
{
"name": "32261",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "application-rpc-interface-bo(31113)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31113"
},
{
"name": "VU#768681",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"name": "20081111 Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/308.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5269",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, probably related to an RPC interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32618",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32618"
},
{
"name": "32261",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32261"
},
{
"name": "application-rpc-interface-bo(31113)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31113"
},
{
"name": "VU#768681",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/768681"
},
{
"name": "http://blogs.iss.net/archive/trend.html",
"refsource": "MISC",
"url": "http://blogs.iss.net/archive/trend.html"
},
{
"name": "ADV-2008-3127",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3127"
},
{
"name": "20081111 Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflow",
"refsource": "ISS",
"url": "http://www.iss.net/threats/308.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5269",
"datePublished": "2008-11-17T23:00:00",
"dateReserved": "2006-10-13T00:00:00",
"dateUpdated": "2024-08-07T19:41:05.346Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-6507
Vulnerability from cvelistv5
Published
2007-12-20 23:00
Modified
2024-08-07 16:11
Severity ?
EPSS score ?
Summary
SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes unspecified dangerous sub-functions from StRpcSrv.dll in the DCE/RPC interface, which allows remote attackers to obtain "full file system access" and execute arbitrary code.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/44318 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/26912 | vdb-entry, x_refsource_BID | |
| http://www.zerodayinitiative.com/advisories/ZDI-07-077.html | x_refsource_MISC | |
| http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/485250/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://securityreason.com/securityalert/3475 | third-party-advisory, x_refsource_SREASON | |
| http://secunia.com/advisories/26523 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:11:06.081Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "44318",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/44318"
},
{
"name": "26912",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26912"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-077.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt"
},
{
"name": "20071217 ZDI-07-077: Trend Micro ServerProtect StRpcSrv.dll Insecure Method Exposure Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/485250/100/0/threaded"
},
{
"name": "3475",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3475"
},
{
"name": "26523",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26523"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes unspecified dangerous sub-functions from StRpcSrv.dll in the DCE/RPC interface, which allows remote attackers to obtain \"full file system access\" and execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "44318",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/44318"
},
{
"name": "26912",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26912"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-077.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt"
},
{
"name": "20071217 ZDI-07-077: Trend Micro ServerProtect StRpcSrv.dll Insecure Method Exposure Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/485250/100/0/threaded"
},
{
"name": "3475",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3475"
},
{
"name": "26523",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26523"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6507",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes unspecified dangerous sub-functions from StRpcSrv.dll in the DCE/RPC interface, which allows remote attackers to obtain \"full file system access\" and execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "44318",
"refsource": "OSVDB",
"url": "http://osvdb.org/44318"
},
{
"name": "26912",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26912"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-077.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-077.html"
},
{
"name": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt",
"refsource": "MISC",
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt"
},
{
"name": "20071217 ZDI-07-077: Trend Micro ServerProtect StRpcSrv.dll Insecure Method Exposure Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/485250/100/0/threaded"
},
{
"name": "3475",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3475"
},
{
"name": "26523",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26523"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6507",
"datePublished": "2007-12-20T23:00:00",
"dateReserved": "2007-12-20T00:00:00",
"dateUpdated": "2024-08-07T16:11:06.081Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-2533
Vulnerability from cvelistv5
Published
2007-05-09 00:00
Modified
2024-08-07 13:42
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2- Build 1174 allow remote attackers to execute arbitrary code via a crafted RPC message processed by the (1) the RPCFN_ActiveRollback function in (a) stcommon.dll, or the (2) ENG_SetRealTimeScanConfigInfo or (3) ENG_SendEmail functions in (b) eng50.dll.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2007/1689 | vdb-entry, x_refsource_VUPEN | |
| http://osvdb.org/35792 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/35791 | vdb-entry, x_refsource_OSVDB | |
| http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch2_readme.txt | x_refsource_CONFIRM | |
| http://www.trendmicro.com/download_beta/product.asp?productid=17 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34171 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:42:33.487Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-1689",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1689"
},
{
"name": "35792",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35792"
},
{
"name": "35791",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35791"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch2_readme.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/download_beta/product.asp?productid=17"
},
{
"name": "serverprotect-multiple-bo(34171)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34171"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2- Build 1174 allow remote attackers to execute arbitrary code via a crafted RPC message processed by the (1) the RPCFN_ActiveRollback function in (a) stcommon.dll, or the (2) ENG_SetRealTimeScanConfigInfo or (3) ENG_SendEmail functions in (b) eng50.dll."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-1689",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1689"
},
{
"name": "35792",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35792"
},
{
"name": "35791",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35791"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch2_readme.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/download_beta/product.asp?productid=17"
},
{
"name": "serverprotect-multiple-bo(34171)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34171"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2533",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2- Build 1174 allow remote attackers to execute arbitrary code via a crafted RPC message processed by the (1) the RPCFN_ActiveRollback function in (a) stcommon.dll, or the (2) ENG_SetRealTimeScanConfigInfo or (3) ENG_SendEmail functions in (b) eng50.dll."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1689",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1689"
},
{
"name": "35792",
"refsource": "OSVDB",
"url": "http://osvdb.org/35792"
},
{
"name": "35791",
"refsource": "OSVDB",
"url": "http://osvdb.org/35791"
},
{
"name": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch2_readme.txt",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch2_readme.txt"
},
{
"name": "http://www.trendmicro.com/download_beta/product.asp?productid=17",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/download_beta/product.asp?productid=17"
},
{
"name": "serverprotect-multiple-bo(34171)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34171"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2533",
"datePublished": "2007-05-09T00:00:00",
"dateReserved": "2007-05-08T00:00:00",
"dateUpdated": "2024-08-07T13:42:33.487Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-4219
Vulnerability from cvelistv5
Published
2007-08-22 23:00
Modified
2024-08-07 14:46
Severity ?
EPSS score ?
Summary
Integer overflow in the RPCFN_SYNC_TASK function in StRpcSrv.dll, as used by the ServerProtect service (SpntSvc.exe), in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a certain integer field in a request packet to TCP port 5168, which triggers a heap-based buffer overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/36168 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/25396 | vdb-entry, x_refsource_BID | |
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=588 | third-party-advisory, x_refsource_IDEFENSE | |
| http://www.us-cert.gov/cas/techalerts/TA07-235A.html | third-party-advisory, x_refsource_CERT | |
| http://www.vupen.com/english/advisories/2007/2934 | vdb-entry, x_refsource_VUPEN | |
| http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt | x_refsource_CONFIRM | |
| http://securitytracker.com/id?1018594 | vdb-entry, x_refsource_SECTRACK | |
| http://www.kb.cert.org/vuls/id/959400 | third-party-advisory, x_refsource_CERT-VN | |
| http://securityreason.com/securityalert/3052 | third-party-advisory, x_refsource_SREASON | |
| http://secunia.com/advisories/26523 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:46:39.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "serverprotect-rpcfnsynctask-bo(36168)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36168"
},
{
"name": "25396",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25396"
},
{
"name": "20070821 Trend Micro ServerProtect RPCFN_SYNC_TASK Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=588"
},
{
"name": "TA07-235A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-235A.html"
},
{
"name": "ADV-2007-2934",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2934"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt"
},
{
"name": "1018594",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018594"
},
{
"name": "VU#959400",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/959400"
},
{
"name": "3052",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3052"
},
{
"name": "26523",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26523"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the RPCFN_SYNC_TASK function in StRpcSrv.dll, as used by the ServerProtect service (SpntSvc.exe), in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a certain integer field in a request packet to TCP port 5168, which triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "serverprotect-rpcfnsynctask-bo(36168)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36168"
},
{
"name": "25396",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25396"
},
{
"name": "20070821 Trend Micro ServerProtect RPCFN_SYNC_TASK Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=588"
},
{
"name": "TA07-235A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-235A.html"
},
{
"name": "ADV-2007-2934",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2934"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt"
},
{
"name": "1018594",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018594"
},
{
"name": "VU#959400",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/959400"
},
{
"name": "3052",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3052"
},
{
"name": "26523",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26523"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4219",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the RPCFN_SYNC_TASK function in StRpcSrv.dll, as used by the ServerProtect service (SpntSvc.exe), in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a certain integer field in a request packet to TCP port 5168, which triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "serverprotect-rpcfnsynctask-bo(36168)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36168"
},
{
"name": "25396",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25396"
},
{
"name": "20070821 Trend Micro ServerProtect RPCFN_SYNC_TASK Integer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=588"
},
{
"name": "TA07-235A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-235A.html"
},
{
"name": "ADV-2007-2934",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2934"
},
{
"name": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt"
},
{
"name": "1018594",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018594"
},
{
"name": "VU#959400",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/959400"
},
{
"name": "3052",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3052"
},
{
"name": "26523",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26523"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4219",
"datePublished": "2007-08-22T23:00:00",
"dateReserved": "2007-08-08T00:00:00",
"dateUpdated": "2024-08-07T14:46:39.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}