CVE-2007-1168

Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 allows remote attackers to access arbitrary web pages and reconfigure the product via HTTP requests with the splx_2376_info cookie to the web interface port (14942/tcp).

Published: Mar 2, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-1168
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
trend_micro / serverprotect	2.5	2.5.x
trend_micro / serverprotect	1.25_2007-02-16	1.25_2007-02-16.x
trend_micro / serverprotect	1.3	1.3.x

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=477
http://secunia.com/advisories/24264
http://securitytracker.com/id?1017685
http://www.securityfocus.com/bid/22662
http://www.trendmicro.com/download/product.asp?productid=20
http://www.vupen.com/english/advisories/2007/0691

Vulnerability Database

289,784

CVE-2007-1168