certfr_avis - CERTA-2007-AVI-210

CERTA-2007-AVI-210

Vulnerability from certfr_avis - Published: - Updated:

Des vulnérabilités sur Trend Micro ServerProtect permettent à une personne malintentionnée distante d'exécuter du code arbitraire.

Description

Des vulnérabilités de type débordement de mémoire ont été identifiées sur Trend Micro ServerProtect. Les modules concernés sont stcommon.dll, stcommon.dll, eng50.dll, earthagent.exe, et AgRpcCln.dll. Ces fichiers appellent des fonctions ne gérant pas correctement certains messages RPC spécialement construits. Un attaquant exploitant l'une de ces vulnérabilités pourrait exécuter du code arbitraire à distance.

Solution

Les mises à jour Security Patch 2 et Security Patch 3 de l'éditeur corrigent ces vulnérabilités.

Trend Micro ServerProtect versions 5.58 et antérieures sur Microsoft Windows.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Mises à jour de Trend Micro ServerProtect	None	vendor-advisory
Référence CVE CVE-2007-2508 :	-	other
Référence CVE CVE-2007-2528 :	-	other
Mises à jour pour Trend Micro ServerProtect :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eTrend Micro ServerProtect versions 5.58 et ant\u00e9rieures sur  Microsoft Windows.\u003c/P\u003e",
  "content": "## Description\n\nDes vuln\u00e9rabilit\u00e9s de type d\u00e9bordement de m\u00e9moire ont \u00e9t\u00e9 identifi\u00e9es\nsur Trend Micro ServerProtect. Les modules concern\u00e9s sont stcommon.dll,\nstcommon.dll, eng50.dll, earthagent.exe, et AgRpcCln.dll. Ces fichiers\nappellent des fonctions ne g\u00e9rant pas correctement certains messages RPC\nsp\u00e9cialement construits. Un attaquant exploitant l\u0027une de ces\nvuln\u00e9rabilit\u00e9s pourrait ex\u00e9cuter du code arbitraire \u00e0 distance.\n\n## Solution\n\nLes mises \u00e0 jour Security Patch 2 et Security Patch 3 de l\u0027\u00e9diteur\ncorrigent ces vuln\u00e9rabilit\u00e9s.\n",
  "cves": [
    {
      "name": "CVE-2007-2508",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2508"
    },
    {
      "name": "CVE-2007-2528",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2528"
    }
  ],
  "links": [
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2007-2508 :",
      "url": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2508"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2007-2528 :",
      "url": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2528"
    },
    {
      "title": "Mises \u00e0 jour pour Trend Micro ServerProtect :",
      "url": "http://www.trendmicro.com/download_beta/product.asp?productid=17"
    }
  ],
  "reference": "CERTA-2007-AVI-210",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-05-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Des vuln\u00e9rabilit\u00e9s sur \u003cspan class=\"textit\"\u003eTrend Micro\nServerProtect\u003c/span\u003e permettent \u00e0 une personne malintentionn\u00e9e distante\nd\u0027ex\u00e9cuter du code arbitraire.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Trend Micro ServerProtect",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Mises \u00e0 jour de Trend Micro ServerProtect",
      "url": null
    }
  ]
}

CVE-2007-2508 (GCVE-0-2007-2508)

Vulnerability from cvelistv5 – Published: 2007-05-08 23:00 – Updated: 2024-08-07 13:42

Summary

Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to (1) TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in SpntSvc.exe; or (2) TCP port 3628, which triggers an overflow in EarthAgent.exe. NOTE: both issues are reachable via TmRpcSrv.dll.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.vupen.com/english/advisories/2007/1689	vdb-entryx_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://osvdb.org/35790	vdb-entryx_refsource_OSVDB
	http://www.zerodayinitiative.com/advisories/ZDI-0…	x_refsource_MISC
	http://www.trendmicro.com/ftp/documentation/readm…	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/467932/100…	mailing-listx_refsource_BUGTRAQ
	http://www.kb.cert.org/vuls/id/515616	third-party-advisoryx_refsource_CERT-VN
	http://www.securityfocus.com/bid/23868	vdb-entryx_refsource_BID
	http://www.securityfocus.com/archive/1/467933/100…	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/23866	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://securitytracker.com/id?1018010	vdb-entryx_refsource_SECTRACK
	http://secunia.com/advisories/25186	third-party-advisoryx_refsource_SECUNIA
	http://osvdb.org/35789	vdb-entryx_refsource_OSVDB
	http://www.zerodayinitiative.com/advisories/ZDI-0…	x_refsource_MISC
	http://www.kb.cert.org/vuls/id/488424	third-party-advisoryx_refsource_CERT-VN

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:42:33.395Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2007-1689",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1689"
          },
          {
            "name": "serverprotect-earthagent-bo(34163)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34163"
          },
          {
            "name": "35790",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/35790"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-025.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch2_readme.txt"
          },
          {
            "name": "20070507 ZDI-07-024: Trend Micro ServerProtect EarthAgent Stack Overflow Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/467932/100/0/threaded"
          },
          {
            "name": "VU#515616",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/515616"
          },
          {
            "name": "23868",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23868"
          },
          {
            "name": "20070507 ZDI-07-025: Trend Micro ServerProtect AgRpcCln.dll Stack Overflow Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/467933/100/0/threaded"
          },
          {
            "name": "23866",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23866"
          },
          {
            "name": "serverprotect-agrpccln-bo(34162)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34162"
          },
          {
            "name": "1018010",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018010"
          },
          {
            "name": "25186",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25186"
          },
          {
            "name": "35789",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/35789"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-024.html"
          },
          {
            "name": "VU#488424",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/488424"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-05-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to (1) TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in SpntSvc.exe; or (2) TCP port 3628, which triggers an overflow in EarthAgent.exe.  NOTE: both issues are reachable via TmRpcSrv.dll."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2007-1689",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1689"
        },
        {
          "name": "serverprotect-earthagent-bo(34163)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34163"
        },
        {
          "name": "35790",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/35790"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-025.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch2_readme.txt"
        },
        {
          "name": "20070507 ZDI-07-024: Trend Micro ServerProtect EarthAgent Stack Overflow Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/467932/100/0/threaded"
        },
        {
          "name": "VU#515616",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/515616"
        },
        {
          "name": "23868",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23868"
        },
        {
          "name": "20070507 ZDI-07-025: Trend Micro ServerProtect AgRpcCln.dll Stack Overflow Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/467933/100/0/threaded"
        },
        {
          "name": "23866",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23866"
        },
        {
          "name": "serverprotect-agrpccln-bo(34162)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34162"
        },
        {
          "name": "1018010",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018010"
        },
        {
          "name": "25186",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25186"
        },
        {
          "name": "35789",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/35789"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-024.html"
        },
        {
          "name": "VU#488424",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/488424"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2508",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to (1) TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in SpntSvc.exe; or (2) TCP port 3628, which triggers an overflow in EarthAgent.exe.  NOTE: both issues are reachable via TmRpcSrv.dll."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2007-1689",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1689"
            },
            {
              "name": "serverprotect-earthagent-bo(34163)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34163"
            },
            {
              "name": "35790",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/35790"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-025.html",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-025.html"
            },
            {
              "name": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch2_readme.txt",
              "refsource": "CONFIRM",
              "url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch2_readme.txt"
            },
            {
              "name": "20070507 ZDI-07-024: Trend Micro ServerProtect EarthAgent Stack Overflow Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/467932/100/0/threaded"
            },
            {
              "name": "VU#515616",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/515616"
            },
            {
              "name": "23868",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23868"
            },
            {
              "name": "20070507 ZDI-07-025: Trend Micro ServerProtect AgRpcCln.dll Stack Overflow Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/467933/100/0/threaded"
            },
            {
              "name": "23866",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23866"
            },
            {
              "name": "serverprotect-agrpccln-bo(34162)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34162"
            },
            {
              "name": "1018010",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1018010"
            },
            {
              "name": "25186",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25186"
            },
            {
              "name": "35789",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/35789"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-024.html",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-024.html"
            },
            {
              "name": "VU#488424",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/488424"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2508",
    "datePublished": "2007-05-08T23:00:00",
    "dateReserved": "2007-05-07T00:00:00",
    "dateUpdated": "2024-08-07T13:42:33.395Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-2528 (GCVE-0-2007-2528)

Vulnerability from cvelistv5 – Published: 2007-05-08 23:00 – Updated: 2024-08-07 13:42

Summary

Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for Windows before Security Patch 3 Build 1176 allows remote attackers to execute arbitrary code via unknown vectors related to RPC requests. NOTE: this is probably a different vulnerability than CVE-2007-2508.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://osvdb.org/35793	vdb-entryx_refsource_OSVDB
	http://www.trendmicro.com/ftp/documentation/readm…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:42:33.412Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "35793",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/35793"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch3_readme.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-04-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for Windows before Security Patch 3 Build 1176 allows remote attackers to execute arbitrary code via unknown vectors related to RPC requests. NOTE: this is probably a different vulnerability than CVE-2007-2508."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2012-11-06T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "35793",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/35793"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch3_readme.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2528",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for Windows before Security Patch 3 Build 1176 allows remote attackers to execute arbitrary code via unknown vectors related to RPC requests. NOTE: this is probably a different vulnerability than CVE-2007-2508."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "35793",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/35793"
            },
            {
              "name": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch3_readme.txt",
              "refsource": "CONFIRM",
              "url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch3_readme.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2528",
    "datePublished": "2007-05-08T23:00:00",
    "dateReserved": "2007-05-08T00:00:00",
    "dateUpdated": "2024-08-07T13:42:33.412Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CERTA-2007-AVI-210

Description

Solution

CVE-2007-2508 (GCVE-0-2007-2508)

CVE-2007-2528 (GCVE-0-2007-2528)

Tags

Sightings

Nomenclature