PT-2009-3316 · Trend Micro · Trend Micro Security+1

B1@Ckeye

Publicado

2009-04-01

Atualizado

2018-10-10

CVE-2009-0686

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Trend Micro Internet Pro versions 2008 and 2009 Trend Micro Security Pro versions 2008 and 2009

Description The issue allows local users to gain privileges through a crafted IRP in a METHOD NEITHER IOCTL request to the Devicetmactmon device, which overwrites memory.

Recommendations For Trend Micro Internet Pro versions 2008 and 2009, update the TrendMicro Activity Monitor Module to a version that is not affected by this issue. For Trend Micro Security Pro versions 2008 and 2009, update the TrendMicro Activity Monitor Module to a version that is not affected by this issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-399

Identificadores relacionados

CVE-2009-0686

Produtos afetados

Trend Micro Internet Pro

Trend Micro Security

PT-2009-3316 · Trend Micro · Trend Micro Security+1

CVE-2009-0686

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9