Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-9641

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2014-9641
Last Modified 09 Feb 2015 11:02:16
Published 06 Feb 2015 10:59:08
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2014-9641

Summary

The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call.

Vulnerable Systems

Application

  • Trendmicro Tmeext.sys 2.0.0.1014


References

OSVDB - 115514

MISC - http://www.greyhathacker.net/?p=818

EXPLOIT-DB - 35962

CONFIRM - http://esupport.trendmicro.com/en-us/home/pages/technical-support/1106233.aspx


Last Updated: 27 May 2016 11:07:43