Vulnerabilities > Trendmicro > Internet Security > 11.1.1005

DATE CVE VULNERABILITY TITLE RISK
2021-12-03 CVE-2021-43772 Files or Directories Accessible to External Parties vulnerability in Trendmicro products
Trend Micro Security 2021 v17.0 (Consumer) contains a vulnerability that allows files inside the protected folder to be modified without any detection.
local
low complexity
trendmicro CWE-552
5.5
2019-02-05 CVE-2018-18333 Untrusted Search Path vulnerability in Trendmicro products
A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) versions below 15.0.0.1163 and below could allow an attacker to manipulate a specific DLL and escalate privileges on vulnerable installations.
local
low complexity
trendmicro CWE-426
7.8
2018-08-30 CVE-2018-15363 Out-of-bounds Read vulnerability in Trendmicro products
An Out-of-Bounds Read Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations.
local
low complexity
trendmicro CWE-125
7.8
2018-08-30 CVE-2018-10514 Improper Privilege Management vulnerability in Trendmicro products
A Missing Impersonation Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations.
local
low complexity
trendmicro CWE-269
7.8
2018-08-30 CVE-2018-10513 Deserialization of Untrusted Data vulnerability in Trendmicro products
A Deserialization of Untrusted Data Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations.
local
low complexity
trendmicro CWE-502
7.8
2018-07-06 CVE-2018-3608 Code Injection vulnerability in Trendmicro products
A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 (versions 12.0.1191 and below) User-Mode Hooking (UMH) driver could allow an attacker to create a specially crafted packet that could alter a vulnerable system in such a way that malicious code could be injected into other processes.
network
low complexity
trendmicro CWE-94
critical
9.8
2018-05-25 CVE-2018-6236 Race Condition vulnerability in Trendmicro products
A Time-of-Check Time-of-Use privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222813 by the tmusa driver.
local
high complexity
trendmicro CWE-362
7.0
2018-05-25 CVE-2018-6235 Out-of-bounds Write vulnerability in Trendmicro products
An Out-of-Bounds write privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver.
local
low complexity
trendmicro CWE-787
7.8
2018-05-25 CVE-2018-6234 Out-of-bounds Read vulnerability in Trendmicro products
An Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver.
local
low complexity
trendmicro CWE-125
5.5
2018-05-25 CVE-2018-6233 Classic Buffer Overflow vulnerability in Trendmicro products
A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222060 by the tmnciesc.sys driver.
local
low complexity
trendmicro CWE-120
7.8