PT-2006-2388 · Trend Micro · Trend Micro Pc-Cillin Internet Security
Published
2006-03-24
·
Updated
2024-02-14
·
CVE-2006-1379
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Trend Micro PC-cillin Internet Security 2006 versions 14.00.1485 through 14.10.0.1023
Description
The issue allows local users to gain SYSTEM privileges by modifying executable programs. This is due to the software using insecure DACLs for critical files. The affected executable programs include
tmntsrv.exe and tmproxy.exe.Recommendations
For versions 14.00.1485 through 14.10.0.1023, consider restricting access to the executable programs
tmntsrv.exe and tmproxy.exe to prevent modification and minimize the risk of exploitation.Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Trend Micro Pc-Cillin Internet Security