Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4277

Overview

Vulnerability Score 6.6 6.6
CVE Id CVE-2007-4277
Last Modified 07 Mar 2011 09:58:05
Published 30 Oct 2007 06:46:00
Confidentiality Impact NONE NONE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2007-4277

Summary

The Trend Micro AntiVirus scan engine before 8.550-1001, as used in Trend Micro PC-Cillin Internet Security 2007, and Tmxpflt.sys 8.320.1004 and 8.500.0.1002, has weak permissions (Everyone:Write) for the \\.\Tmfilter device, which allows local users to send arbitrary content to the device via the IOCTL functionality. NOTE: this can be leveraged for privilege escalation by exploiting a buffer overflow in the handler for IOCTL 0xa0284403.

Vulnerable Systems

Application

  • Trend Micro Pc-cillin Internet Security 2007

  • Trend Micro Scan Engine 8.500


References

VUPEN - ADV-2007-3627

BID - 26209

SECTRACK - 1018863

SECUNIA - 27378

IDEFENSE - 20071025 Trend Micro Tmxpflt.sys IOCTL 0xa0284403 Buffer Overflow Vulnerability

CONFIRM - http://esupport.trendmicro.com/support/viewxml.do?ContentID=1036190

CONFIRM - http://esupport.trendmicro.com/support/viewxml.do?ContentID=1035793


Last Updated: 27 May 2016 10:45:49