CVE-2007-6507 Information

Description

SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows before Security Patch 4 exposes unspecified dangerous sub-functions from StRpcSrv.dll in the DCE/RPC interface which allows remote attackers to obtain \full file system access\ and execute arbitrary code.

Reference

http://osvdb.org/44318 http://secunia.com/advisories/26523 http://securityreason.com/securityalert/3475 http://www.securityfocus.com/archive/1/485250/100/0/threaded http://www.securityfocus.com/bid/26912 http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt http://www.zerodayinitiative.com/advisories/ZDI-07-077.html