Intrusion Prevention



This indicates an attempt to exploit one of three vulnerabilities in Trend Micro ServerProtect for Windows.
These vulnerabilities are caused by boundary check errors in "RPCFN_CMON_SetSvcImpersonateUser", "RPCFN_ENG_NewManualScan" and "RPCFN_SetComputerName" in StRpcSrv.dll. A remote attacker may exploit this to execute arbitrary code.

Affected Products

Trend Micro ServerProtect 5.58 Build 1176 for Windows and prior versions.


System compromise: Remote code execution.

Recommended Actions

Apply the patch, available from the vendor's web site:

CVE References

CVE-2007-4219 CVE-2007-4218