Trend Micro ServerProtect Multiple Remote Vulnerabilities

Trend Micro ServerProtect is prone to multiple remote vulnerabilities, including an authentication-bypass issue and multiple heap-based buffer-overflow issues.

Few technical details are currently available. We will update this BID as more information emerges.

Successfully exploiting the buffer-overflow issues may allow an attacker to execute arbitrary code with SYSTEM-level privileges or crash the affected application, denying service to legitimate users. Successfully exploiting the authentication-bypass vulnerability will allow the attacker administrative access to the vulnerable application.

Trend Micro ServerProtect 5.58 and 5.7 are vulnerable; additional versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus