CVE-2007-2508
Trend Micro ServerProtect <5.58 - Buffer Overflow
Title source: llmDescription
Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to (1) TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in SpntSvc.exe; or (2) TCP port 3628, which triggers an overflow in EarthAgent.exe. NOTE: both issues are reachable via TmRpcSrv.dll.
Exploits (5)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16829
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16828
metasploit
WORKING POC
GOOD
by MC · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/antivirus/trendmicro_serverprotect_createbinding.rb
metasploit
WORKING POC
GOOD
by MC · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/antivirus/trendmicro_serverprotect_earthagent.rb
References (16)
Scores
EPSS
0.7955
EPSS Percentile
99.1%
Details
CWE
CWE-119
Status
published
Products (1)
trend_micro/serverprotect
< 5.58
Published
May 08, 2007
Tracked Since
Feb 18, 2026