Vulnerabilities > CVE-2009-0686 - Resource Management Errors vulnerability in Trendmicro Internet Security 2008/2009

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
trendmicro
CWE-399
exploit available

Summary

The TrendMicro Activity Monitor Module (tmactmon.sys) 2.52.0.1002 in Trend Micro Internet Pro 2008 and 2009, and Security Pro 2008 and 2009, allows local users to gain privileges via a crafted IRP in a METHOD_NEITHER IOCTL request to \Device\tmactmon that overwrites memory.

Vulnerable Configurations

Part Description Count
Application
Trendmicro
4

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionTrend Micro Internet Security Pro 2009 Priviliege Escalation PoC. CVE-2009-0686. Local exploit for windows platform
fileexploits/windows/local/8322.txt
idEDB-ID:8322
last seen2016-02-01
modified2009-03-30
platformwindows
port
published2009-03-30
reporterb1@ckeYe
sourcehttps://www.exploit-db.com/download/8322/
titleTrend Micro Internet Security Pro 2009 - Priviliege Escalation PoC
typelocal

Seebug

bulletinFamilyexploit
descriptionUGTRAQ ID: 34304 CVE(CAN) ID: CVE-2009-0686 趋势科技的Internet Security是一套可适合保护家庭用户多台计算机的网络安全产品。 Internet Security的tmactmon.sys驱动的IOCTL处理器对IOCTL调用使用了METHOD_NEITHER通讯方式,但没有正确地验证Irp对象相关的缓冲区数据,这允许本地用户获得SYSTEM权限。 Trend Micro Internet Security Pro 2009 Trend Micro Internet Security Pro 2008 Trend Micro Internet Security 2009 Trend Micro Internet Security 2008 Trend Micro ----------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: <a href=http://www.antivirus.com/ target=_blank rel=external nofollow>http://www.antivirus.com/</a>
idSSV:4976
last seen2017-11-19
modified2009-04-02
published2009-04-02
reporterRoot
sourcehttps://www.seebug.org/vuldb/ssvid-4976
title趋势科技Internet Security tmactmon.sys驱动本地权限提升漏洞