Buffer Overflow Vulnerabilities in Trend Micro ServerProtect for Windows
CVE-2007-4218

Currently unrated

Key Information:

Vendor
CVE Published:
22 August 2007

Summary

Multiple buffer overflow vulnerabilities exist in the ServerProtect service (SpntSvc.exe) of Trend Micro ServerProtect for Windows. These vulnerabilities can be exploited remotely via crafted RPC requests sent to specific TCP ports processed by various functions in the application's DLLs. Attackers could manipulate the vulnerable RPC functions—such as RPCFN_ENG_NewManualScan and RPCFN_SetComputerName—resulting in arbitrary code execution. Users are urged to update to version 5.58 Security Patch 4 or later to mitigate these risks.

References

EPSS Score

58% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.