CVSS: 10.0EPSS: 19%CPEs: 1EXPL: 0CVE-2007-2533
https://notcve.org/view.php?id=CVE-2007-2533
09 May 2007 — Multiple buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2- Build 1174 allow remote attackers to execute arbitrary code via a crafted RPC message processed by the (1) the RPCFN_ActiveRollback function in (a) stcommon.dll, or the (2) ENG_SetRealTimeScanConfigInfo or (3) ENG_SendEmail functions in (b) eng50.dll. Múltiples desbordamientos de búfer en Trend Micro ServerProtect 5.58 anterior al Security Patch 2-Build 1174 permiten a atacantes remotos ejecutar código de su elección median... • http://osvdb.org/35791 •
CVSS: 10.0EPSS: 4%CPEs: 1EXPL: 0CVE-2007-2528
https://notcve.org/view.php?id=CVE-2007-2528
08 May 2007 — Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for Windows before Security Patch 3 Build 1176 allows remote attackers to execute arbitrary code via unknown vectors related to RPC requests. NOTE: this is probably a different vulnerability than CVE-2007-2508. Desbordamiento de búfer en AgRpcCln.dll para Trend Micro ServerProtect 5.58 para Windows anberior a Security Patch 3 Build 1176 permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos relacionados ... • http://osvdb.org/35793 •
CVSS: 10.0EPSS: 68%CPEs: 1EXPL: 4CVE-2007-2508 – Trend Micro ServerProtect AgRpcCln.dll Stack Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2007-2508
07 May 2007 — Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to (1) TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in SpntSvc.exe; or (2) TCP port 3628, which triggers an overflow in EarthAgent.exe. NOTE: both issues are reachable via TmRpcSrv.dll. Múltiples desbordamientos de búfer en la región?? stack de la memoria en Trend Micro... • https://www.exploit-db.com/exploits/16828 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2007-1168
https://notcve.org/view.php?id=CVE-2007-1168
28 Feb 2007 — Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 allows remote attackers to access arbitrary web pages and reconfigure the product via HTTP requests with the splx_2376_info cookie to the web interface port (14942/tcp). Trend Micro ServerProtect para Linux (SPLX) 1.25, 1.3, y 2.5 anterior a 20070216 permite a atacantes remotos acceder a páginas web de su elección y recofigurar el producto a través de respuesta HTTP con la cookie splx_2376_info en el puerto de interfaz web (14942/... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=477 •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2007-1169
https://notcve.org/view.php?id=CVE-2007-1169
28 Feb 2007 — The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 accepts logon requests through unencrypted HTTP, which might allow remote attackers to obtain credentials by sniffing the network. La interfaz web en Trend Micro ServerProtect para Linux (SPLX) 1.25, 1.3, y 2.5 versiones anteriores a 20070216 acepta peticiones de acceso (logon) a través de HTTP sin cifrar, lo cual permitiría a atacantes remotos obtener credenciales al rastrear la red. • http://www.trendmicro.com/download/product.asp?productid=20 •
CVSS: 10.0EPSS: 77%CPEs: 10EXPL: 2CVE-2007-1070 – Trend Micro ServerProtect - 'eng50.dll' Remote Stack Overflow
https://notcve.org/view.php?id=CVE-2007-1070
21 Feb 2007 — Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback functions in (a) StCommon.dll, and (4) ENG_SetRealTimeScanConfigInfo and (5) ENG_SendEMail functions in (b) eng50.dll. Múltiples desbordamientos de búfer basado en... • https://www.exploit-db.com/exploits/4367 •
CVSS: 9.8EPSS: 31%CPEs: 118EXPL: 0CVE-2007-0851
https://notcve.org/view.php?id=CVE-2007-0851
08 Feb 2007 — Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable. Un desbordamiento de búfer en Trend Micro Scan Engine versiones 8.000 y 8.300 anteriores al archivo de patrones de virus versión 4.245.00, tal y como es usado en otros productos como Cyber Clean Center (CCC) Cleaner, permite a atacantes remotos ejecuta... • http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2006-6458
https://notcve.org/view.php?id=CVE-2006-6458
11 Dec 2006 — The Trend Micro scan engine before 8.320 for Windows and before 8.150 on HP-UX and AIX, as used in Trend Micro PC Cillin - Internet Security 2006, Office Scan 7.3, and Server Protect 5.58, allows remote attackers to cause a denial of service (CPU consumption and system hang) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero, which triggers an infinite loop. El motor de escaneo de Trend Micro anterior a 8.320 para Windows y anterior a 8.150 en HP-U... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439 •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2006-0642
https://notcve.org/view.php?id=CVE-2006-0642
10 Feb 2006 — Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a default configuration setting of "Do not scan compressed files when Extracted file count exceeds 500 files," which may be too low in certain circumstances, which allows remote attackers to bypass anti-virus checks by sending compressed archives containing many small files. NOTE: since this is related to a configuration setting that has an operational impact that might vary depending on th... • http://www.packetstormsecurity.org/0602-advisories/Bypass.pdf •
CVSS: 7.8EPSS: 4%CPEs: 1EXPL: 0CVE-2005-1929
https://notcve.org/view.php?id=CVE-2005-1929
14 Dec 2005 — Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via "wrapped" length values in Chunked transfer requests. NOTE: the original report suggests that the relay.dll issue is related to a problem in which a Microsoft Foundation Classes (MFC) static library returns invalid values under heavy load. As ... • http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039972.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •