Trend.Micro.ServerProtect.StRpcSrv.dll.Buffer.Overflow
Description
This indicates an attempt to exploit one of three vulnerabilities in Trend Micro ServerProtect for Windows.
These vulnerabilities are caused by boundary check errors in "RPCFN_CMON_SetSvcImpersonateUser", "RPCFN_ENG_NewManualScan" and "RPCFN_SetComputerName" in StRpcSrv.dll. A remote attacker may exploit this to execute arbitrary code.
Affected Products
Trend Micro ServerProtect 5.58 Build 1176 for Windows and prior versions.
Impact
System compromise: Remote code execution.
Recommended Actions
Apply the patch, available from the vendor's web site:
http://www.trendmicro.com/ftp/products/patches/spnt_558_win_en_securitypatch4.exe
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2023-08-01 | 25.612 | Name:Trend. ServerProtect. StRpcSrv. dll. Buffer. Overflow:Trend. Micro. ServerProtect. StRpcSrv. dll. Buffer. Overflow |