CVE-2007-1070

CVE Database · CVE-2007-1070

CVE-2007-1070

· N/AModified

CVSS v3.1

N/A

EPSS

71.88%

Published

Feb 21, 2007

Modified

Apr 22, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBTrend Micro ServerProtect - 'eng50.dll' Remote Stack Overflow Exploit-DBTrend Micro ServerProtect 5.58 - Remote Buffer Overflow (Metasploit)

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback functions in (a) StCommon.dll, and (4) ENG_SetRealTimeScanConfigInfo and (5) ENG_SendEMail functions in (b) eng50.dll.

Affected Products (10)

microsoft · windows_2000

microsoft · windows_2003_server

microsoft · windows_nt

microsoft · windows_vista

microsoft · windows_xp

trend_micro · serverprotectvulnerable

References (20)

http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290

PatchVendor Advisory

http://osvdb.org/33042

http://secunia.com/advisories/24243