CVE-2007-1168

Published: Mar 2, 2007Modified: Apr 23, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 allows remote attackers to access arbitrary web pages and reconfigure the product via HTTP requests with the splx_2376_info cookie to the web interface port (14942/tcp).

Affected (3)

Products: Trend Micro: Serverprotect

Trend Micro

1 product

Serverprotect

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Trend Micro Serverprotect	Version 1.25_2007-02-16
Trend Micro Serverprotect	Version 1.3
Trend Micro Serverprotect	Version 2.5

References (12)

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=477

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/24264

Source: cve@mitre.org

PatchVendor Advisory

http://securitytracker.com/id?1017685

Source: cve@mitre.org

Patch

http://www.securityfocus.com/bid/22662

Source: cve@mitre.org

Patch

http://www.trendmicro.com/download/product.asp?productid=20

Source: cve@mitre.org

Patch

http://www.vupen.com/english/advisories/2007/0691

Source: cve@mitre.org

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=477