Vulnerabilities > Trendmicro > Internet Security

DATE CVE VULNERABILITY TITLE RISK
2018-05-25 CVE-2018-6233 Classic Buffer Overflow vulnerability in Trendmicro products
A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222060 by the tmnciesc.sys driver.
local
low complexity
trendmicro CWE-120
7.8
2018-05-25 CVE-2018-6232 Classic Buffer Overflow vulnerability in Trendmicro products
A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x22205C by the tmnciesc.sys driver.
local
low complexity
trendmicro CWE-120
7.8
2017-03-21 CVE-2017-5565 Uncontrolled Search Path Element vulnerability in Trendmicro products
Code injection vulnerability in Trend Micro Maximum Security 11.0 (and earlier), Internet Security 11.0 (and earlier), and Antivirus+ Security 11.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Trend Micro process via a "DoubleAgent" attack.
local
low complexity
trendmicro CWE-427
6.7
2016-06-19 CVE-2016-1226 Cross-site Scripting vulnerability in Trendmicro Internet Security 10.0/8.0
Cross-site scripting (XSS) vulnerability in Trend Micro Internet Security 8 and 10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
trendmicro CWE-79
6.1
2016-06-19 CVE-2016-1225 Information Exposure vulnerability in Trendmicro Internet Security 10.0/8.0
Trend Micro Internet Security 8 and 10 allows remote attackers to read arbitrary files via unspecified vectors.
network
low complexity
trendmicro CWE-200
6.5