CVE-2007-1070

EXPLOITED

Trend Micro ServerProtect for Windows & EMC 5.58-5.62 - RCE

Title source: llm

Description

Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback functions in (a) StCommon.dll, and (4) ENG_SetRealTimeScanConfigInfo and (5) ENG_SendEMail functions in (b) eng50.dll.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16827
exploitdb WORKING POC VERIFIED
by devcode · cremotewindows
https://www.exploit-db.com/exploits/4367
metasploit WORKING POC GOOD
by MC · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/antivirus/trendmicro_serverprotect.rb

References (17)

Scores

EPSS 0.7511
EPSS Percentile 98.9%

Details

VulnCheck KEV 2007-08-25
Status published
Products (3)
trend_micro/serverprotect 5.58
trend_micro/serverprotect 5.61
trend_micro/serverprotect 5.62
Published Feb 21, 2007
Tracked Since Feb 18, 2026