Trend.Micro.ServerProtect.SPNT.Engine.RPC.Buffer.Overflow
Description
This indicates a possible attempt to exploit one of two vulnerabilities in Trend Micro ServerProtect for Windows.
These vulnerabilities are a result of bounds checking errors in "RPCFN_ENG_AddTaskExportLogItem" and "RPCFN_ENG_TakeActionOnAFile", in eng50.dll. Successful exploitation may allow remote attackers to execute arbitrary code by sending excessively long strings in an RPC request.
Affected Products
Trend Micro ServerProtect 5.58 Build 1176 for Windows and prior versions.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the patch, available from the vendor's web site:
http://www.trendmicro.com/ftp/products/patches/spnt_558_win_en_securitypatch4.exe
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2023-08-01 | 25.612 | Name:TrendMicro. ServerProtect. SPNT. Engine. RPC. Buffer. Overflow:Trend. Micro. ServerProtect. SPNT. Engine. RPC. Buffer. Overflow |