Overview
Trend Micro ServerProtect contains a stack-based buffer overflow.
Description
Trend Micro ServerProtect fails to properly handle data passed to the CMON_ActiveUpdate() and CMON_ActiveRollback()routines possibly allowing a stack-based buffer overflow to occur. This overflow can be triggered by sending a specially crafted RPC packet to an affected Trend Micro ServerProtect installation. For more information refer to Trend Micro Solution ID: 1034290. |
Impact
A remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. |
Solution
Apply a patch Trend Micro has addressed this vulnerability with Security Patch 1- Build 1171. |
Vendor Information
CVSS Metrics
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
References
Acknowledgements
This vulnerability was reported by Pedram Amini of Tipping Point Security Research Team.
This document was written by Jeff Gennari.
Other Information
CVE IDs: | CVE-2007-1070 |
Severity Metric: | 28.69 |
Date Public: | 2007-02-20 |
Date First Published: | 2007-02-21 |
Date Last Updated: | 2007-02-21 19:03 UTC |
Document Revision: | 5 |