Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via "wrapped" length values in Chunked transfer requests. NOTE: the original report suggests that the relay.dll issue is related to a problem in which a Microsoft Foundation Classes (MFC) static library returns invalid values under heavy load. As such, this might not be a vulnerability in Trend Micro's product.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Trend Micro ServerProtect ISANVWRequest 堆溢出漏洞
Vulnerability Description
Trend Micro ServerProtect Management Console 5.58 以及更早版本中的(1) isaNVWRequest.dll 和 (2) relay.dll 在用于 Control Manager 2.5和3.0和Damage Cleanup Server 1.1时存在多个基于堆的缓冲溢出,远程攻击者可以通过在分块传送请求中"封装"长度值执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A