Vulnerability Name: | CVE-2007-0074 (CCN-39051) | ||||||||
Assigned: | 2007-01-04 | ||||||||
Published: | 2008-11-11 | ||||||||
Updated: | 2017-07-29 | ||||||||
Summary: | Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a folder read operation over RPC. | ||||||||
CVSS v3 Severity: | 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C) 8.5 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:U/RC:C)
8.5 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:U/RC:C)
| ||||||||
Vulnerability Type: | CWE-119 | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: MISC Type: UNKNOWN http://blogs.iss.net/archive/trend.html Source: MITRE Type: CNA CVE-2007-0074 Source: CCN Type: SA32618 Trend Micro ServerProtect Multiple Vulnerabilities Source: SECUNIA Type: Vendor Advisory 32618 Source: CCN Type: IBM Internet Security Systems Protection Advisory November 11, 2008 Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflows (3) Source: ISS Type: UNKNOWN 20081111 Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflows (3) Source: CCN Type: US-CERT VU#768681 Trend Micro ServerProtect contains multiple vulnerabilities Source: CERT-VN Type: US Government Resource VU#768681 Source: CCN Type: OSVDB ID: 50115 Trend Micro ServerProtect Unspecified Procedure Remote Overflow (2008-0074) Source: BID Type: UNKNOWN 32261 Source: CCN Type: BID-32261 Trend Micro ServerProtect Multiple Remote Vulnerabilities Source: VUPEN Type: UNKNOWN ADV-2008-3127 Source: XF Type: UNKNOWN application-rpc-folder-read-bo(39051) Source: XF Type: UNKNOWN application-rpc-folder-read-bo(39051) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
BACK |