CVE-2007-2528
CVE-2007-2528 is a critical-severity vulnerability in Trend Micro Serverprotect with a CVSS 2.0 base score of 10.0. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Critical (CVSS 2.0 base score 10.0)
- EPSS exploit prediction: 4% (89th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Trend Micro Serverprotect
- Published:
- Last modified:
Description
Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for Windows before Security Patch 3 Build 1176 allows remote attackers to execute arbitrary code via unknown vectors related to RPC requests. NOTE: this is probably a different vulnerability than CVE-2007-2508.
Frequently asked questions
- What is CVE-2007-2528?
- Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for Windows before Security Patch 3 Build 1176 allows remote attackers to execute arbitrary code via unknown vectors related to RPC requests. NOTE: this is probably a different vulnerability than CVE-2007-2508.
- How severe is CVE-2007-2528?
- CVE-2007-2528 has a CVSS 2.0 base score of 10.0, rated critical severity.
- Is CVE-2007-2528 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 4% (89th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2007-2528?
- CVE-2007-2528 affects Trend Micro Serverprotect. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2007-2528?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its critical severity, prioritise patching exposed systems.
- When was CVE-2007-2528 published?
- CVE-2007-2528 was published on 2007-05-08 and last updated on 2026-06-16.
References
- http://osvdb.org/35793
- http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch3_readme.txt
Affected products (1)
- cpe:2.3:a:trend_micro:serverprotect:5.58:*:windows:*:*:*:*:*
More vulnerabilities in Trend Micro Serverprotect
- CVE-2008-0014 — Critical (CVSS 10.0): Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote…
- CVE-2008-0013 — Critical (CVSS 10.0): Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote…
- CVE-2008-0012 — Critical (CVSS 10.0): Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote…
- CVE-2007-0074 — Critical (CVSS 10.0): Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote…
- CVE-2007-0073 — Critical (CVSS 10.0): Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote…
- CVE-2007-0072 — Critical (CVSS 10.0): Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote…