|
Feeds -
Exploits
|
|
Written by Mahammad Mohsen
|
|
Tuesday, 31 March 2009 22:40 |
Trend Micro Internet Security 2008/9 IOCTL Request Local Privilege Escalation Vulnerability
-\\Bugtraq ID:
34304
-\\Class:
Boundary Condition Error
-\\CVE:
-\\Remote:
No
-\\Local:
Yes
-\\Published:
Mar 30 2009 12:00AM
-\\Updated:
Mar 31 2009 05:16PM
-\\Credit:
b1@ckeYe
-\\Vulnerable:
Trend Micro Internet Security Pro 2009
Trend Micro Internet Security Pro 2008
Trend Micro Internet Security 2009
Trend Micro Internet Security 2008
-\\Discussion
Trend Micro Internet Security 2008 and 2009 are prone to a local privilege-escalation
vulnerability.
An attacker can exploit this issue to execute arbitrary code with elevated privileges,
which may allow a complete compromise of the affected computer.
This issue affects Internet Security and Internet Security Pro 2008 and 2009.
-\\Exploit(s)/PoC(s):
The following exploit code is available:
============================
http://www.securityfocus.com/data/vulnerabilities/exploits/2009-trendmicro_local_expl_0day.zip
-\\Solution
Currently we are not aware of any vendor-supplied patches. If you feel we are in error
or if you are aware of more recent information, please mail us at:
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
.
-\\References(s)
--Vendor Homepage
http://www.trendmicro.com (Trend Micro)
--[Positive Technologies SA 2009-09] Trend Micro Internet Security Pro 2009 tmactm
http://www.securityfocus.com/archive/1/50231 ("Valery Marchuk" <
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
>)
|
