APP: Trend Micro Control Manager Chunked Overflow
This signature detects attempts to exploit a known vulnerability in the Trend Micro Control Manager. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Extended Description
A remotely exploitable heap-based buffer overflow vulnerability is present in the Trend Micro ServerProtect 'isaNVWRequest.dll' ISAPI component of the Management Console. An attacker could exploit this issue to execute arbitrary code in the context of the underlying Web server. This issue is reported to affected ServerProtect 5.58 for Windows running with Trend Micro Control Manager 2.5/3.0 and Trend Micro Damage Cleanup Server 1.1. Other versions and platforms may be affected as well. It is also possible that other Trend Micro products such as InterScan eManager, InterScan Web Protect, OfficeScan, and Control Manager could be impacted as well. It is noted that the vulnerability may actually be present in the MFC (Microsoft Foundation Class) ISAPI libraries. This issue may be related to BID 9963 "Microsoft Visual C++ MFC ISAPI Extension Denial Of Service Vulnerability".
Affected Products
Trend_micro serverprotect
Short Name
APP:TMIC:CTRLMGR-CHUNKED
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
CVE-2005-1929 Chunked Control Manager Micro Overflow Trend bid:15865
Release Date
09/15/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Trend_micro
CVSS Score
7.5