exploitDog

CVE-2014-9641

Опубликовано: 06 фев. 2015

Источник: nvd

CVSS2: 7.2

EPSS Низкий

Описание

The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call.

Ссылки

http://esupport.trendmicro.com/en-us/home/pages/technical-support/1106233.aspx
Vendor Advisory
http://www.exploit-db.com/exploits/35962
Exploit
http://www.greyhathacker.net/?p=818
Exploit
http://www.osvdb.org/115514
http://esupport.trendmicro.com/en-us/home/pages/technical-support/1106233.aspx
Vendor Advisory
http://www.exploit-db.com/exploits/35962
Exploit
http://www.greyhathacker.net/?p=818
Exploit
http://www.osvdb.org/115514

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:trendmicro:tmeext.sys:*:*:*:*:*:*:*:*

Версия до 2.0.0.1014 (включая)

EPSS

Процентиль: 67%

0.00527

Низкий

7.2 High

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-v834-f83h-rx97

github

больше 3 лет назад

The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call.

EPSS

Процентиль: 67%

0.00527

Низкий

7.2 High

CVSS2

Дефекты

CWE-264