Trend Micro ServerProtect ENG_SendEMail buffer overflow

Added: 03/02/2007
CVE: CVE-2007-1070
BID: 22639
OSVDB: 33042

Background

Trend Micro ServerProtect is a virus scanner for servers.

Problem

A buffer overflow vulnerability in the ENG_SendEMail function allows remote attackers to execute arbitrary commands by sending a specially crafted RPC request.

Resolution

Apply the update referenced in the Trend Micro Vulnerability Response.

References

http://www.tippingpoint.com/security/advisories/TSRT-07-02.html

Limitations

Exploit works on Trend Micro ServerProtect 5.58 Build 1060.

Platforms

Windows

Back to exploit index