Multiple vulnerabilities have been identified in Trend Micro ServerProtect, which could be exploited by remote attackers to take complete control of an affected system. These issues are due to buffer overflow errors in various functions within the "StCommon.dll" and "eng50.dll" libraries, which could be exploited by remote unauthenticated attackers to execute arbitrary commands by sending specially crafted RPC requests to a vulnerable application.
Affected Products
Trend Micro ServerProtect for Windows version 5.58
Trend Micro ServerProtect for EMC version 5.58
Trend Micro ServerProtect for Network Appliance Filer version 5.61
Trend Micro ServerProtect for Network Appliance Filer version 5.62
Solution
Apply Security Patch 1 Build 1171 :
http://www.trendmicro.com/download/product.asp?productid=17
