Vulnerability CVE-2007-4277


Published: 2007-10-30   Modified: 2012-02-12

Description:
The Trend Micro AntiVirus scan engine before 8.550-1001, as used in Trend Micro PC-Cillin Internet Security 2007, and Tmxpflt.sys 8.320.1004 and 8.500.0.1002, has weak permissions (Everyone:Write) for the \\.\Tmfilter device, which allows local users to send arbitrary content to the device via the IOCTL functionality. NOTE: this can be leveraged for privilege escalation by exploiting a buffer overflow in the handler for IOCTL 0xa0284403.

Type:

CWE-264

(Permissions, Privileges, and Access Controls)

CVSS2 => (AV:L/AC:L/Au:N/C:N/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.6/10
9.2/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
Complete
Complete
Affected software
Trend micro -> Pc-cillin internet security 2007 
Trend micro -> Scan engine 

 References:
http://www.vupen.com/english/advisories/2007/3627
http://www.securityfocus.com/bid/26209
http://securitytracker.com/id?1018863
http://secunia.com/advisories/27378
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=609
http://esupport.trendmicro.com/support/viewxml.do?ContentID=1036190
http://esupport.trendmicro.com/support/viewxml.do?ContentID=1035793

Copyright 2024, cxsecurity.com

 

Back to Top