PT-2007-2498 · Network Appliance+2 · Network Appliance Filer+3
Pedram Amini · Published 2007-02-21 · Updated 2018-10-16 · CVE-2007-1070
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions:
Trend Micro ServerProtect for Windows version 5.58
EMC version 5.58
Network Appliance Filer versions 5.61 through 5.62
Description:
The issue allows remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll, triggering overflows when calling specific functions. The affected functions include (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback in StCommon.dll, as well as (4) ENG_SetRealTimeScanConfigInfo and (5) ENG_SendEMail in eng50.dll.
Recommendations:
For Trend Micro ServerProtect for Windows version 5.58, consider disabling the CMON_NetTestConnection, CMON_ActiveUpdate, and CMON_ActiveRollback functions in StCommon.dll, and the ENG_SetRealTimeScanConfigInfo and ENG_SendEMail functions in eng50.dll until a patch is available.
For EMC version 5.58, consider disabling the CMON_NetTestConnection, CMON_ActiveUpdate, and CMON_ActiveRollback functions in StCommon.dll, and the ENG_SetRealTimeScanConfigInfo and ENG_SendEMail functions in eng50.dll until a patch is available.
For Network Appliance Filer versions 5.61 through 5.62, consider disabling the CMON_NetTestConnection, CMON_ActiveUpdate, and CMON_ActiveRollback functions in StCommon.dll, and the ENG_SetRealTimeScanConfigInfo and ENG_SendEMail functions in eng50.dll until a patch is available.
Affected Products:
EMC
Network Appliance Filer
Trend Micro ServerProtect for Windows
Trend Micro ServerProtect