Buffer Overflow Vulnerabilities in Trend Micro ServerProtect for Windows
CVE-2007-4218
Currently unrated
Summary
Multiple buffer overflow vulnerabilities exist in the ServerProtect service (SpntSvc.exe) of Trend Micro ServerProtect for Windows. These vulnerabilities can be exploited remotely via crafted RPC requests sent to specific TCP ports processed by various functions in the application's DLLs. Attackers could manipulate the vulnerable RPC functions—such as RPCFN_ENG_NewManualScan and RPCFN_SetComputerName—resulting in arbitrary code execution. Users are urged to update to version 5.58 Security Patch 4 or later to mitigate these risks.
References
EPSS Score
58% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved