Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Antivirus+'
2018-05-25
CVE-2018-6236
CWE-362
A Time-of-Check Time-of-Use privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222813 by the tmusa driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2018-6235
CWE-787
An Out-of-Bounds write privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2018-6234
CWE-200
An Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2018-6233
CWE-120
A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222060 by the tmnciesc.sys driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2018-6232
CWE-120
A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x22205C by the tmnciesc.sys driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
2017-03-21
CVE-2017-5565
CWE-427
Code injection vulnerability in Trend Micro Maximum Security 11.0 (and earlier), Internet Security 11.0 (and earlier), and Antivirus+ Security 11.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Trend Micro process via a "DoubleAgent" attack. One perspective on this issue is that (1) these products do not use the Protected Processes feature, and therefore an attacker can enter an arbitrary Application Verifier Provider DLL under Image File Execution Options in the registry; (2) the self-protection mechanism is intended to block all local processes (regardless of privileges) from modifying Image File Execution Options for these products; and (3) this mechanism can be bypassed by an attacker who temporarily renames Image File Execution Options during the attack.
>>>
Vendor:
Trendmicro
52
Products
Officescan
Housecall
Scanmail
Control manager
Interscan messaging security suite
Interscan web security suite
Serverprotect
Antivirus
Trend micro antivirus
Internet security
Interscan web security virtual appliance
Mobile security
Trend micro internet security
Internet security 2010
Web security virtual appliance
Interscan messaging security virtual appliance
Tmeext.sys
Deep discovery inspector
Password manager
Email encryption gateway
Business security
Smart protection server
Maximum security
Premium security
Antivirus+
Threat discovery appliance
Deep discovery director
Deep discovery email inspector
Trend micro control manager
Officescan xg
Encryption for email
Worry-free business security
Endpoint application control
Antivirus + security
Officescan monthly
Dr. safety
Apex one
Antivirus + security 2019
Internet security 2019
Maximum security 2019
Micro security 2019
Premium security 2019
Ransom buster
Deep security manager
Vulnerability protection
Housecall for home networks
Deep security as a service
Antivirus for mac
Home network security
Officescan business security
Worry-free business security services
Serverprotect for network appliance filer
Copyright
2024
, cxsecurity.com
Back to Top
Vulnerabilities for 'Antivirus+' 