CVE-2007-1070

Description

Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback functions in (a) StCommon.dll, and (4) ENG_SetRealTimeScanConfigInfo and (5) ENG_SendEMail functions in (b) eng50.dll.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/32601

https://exchange.xforce.ibmcloud.com/vulnerabilities/32594

http://www.vupen.com/english/advisories/2007/0670

http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch1_readme.txt

http://www.tippingpoint.com/security/advisories/TSRT-07-02.html

http://www.tippingpoint.com/security/advisories/TSRT-07-01.html

http://www.securitytracker.com/id?1017676

http://www.securityfocus.com/bid/22639

http://www.securityfocus.com/archive/1/460690/100/0/threaded

http://www.securityfocus.com/archive/1/460686/100/0/threaded

http://www.kb.cert.org/vuls/id/730433

http://www.kb.cert.org/vuls/id/630025

http://www.kb.cert.org/vuls/id/466609

http://www.kb.cert.org/vuls/id/349393

http://secunia.com/advisories/24243

http://osvdb.org/33042

http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3