Lucene search
HistoryFeb 06, 2015 - 3:59 p.m.
CVE-2014-9641
cve-2014-9641
tmeext.sys
driver
trend micro
antivirus plus
internet security
maximum security
memory locations
0x00222400 ioctl call
privilege escalation
vulnerability
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.6 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
26.2%
The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call.
Affected configurations
Node
trendmicrotmeext.sysRange≤2.0.0.1014
| CPE | Name | Operator | Version |
|---|---|---|---|
| trendmicro:tmeext.sys | trendmicro tmeext.sys | le | 2.0.0.1014 |
Related
prion
prion
Memory corruption
2015-02-06 15:59:00
exploitpack
exploitpack
Trend Micro 8.0.1133 (Multiple Products) - Local Privilege Escalation
2015-01-31 00:00:00
zdt
zdt
Trend Micro Multiple Products 8.0.1133 - Privilege Escalation Exploit
2015-01-31 00:00:00
cvelist
cvelist
CVE-2014-9641
2015-02-06 15:00:00
nvd
nvd
CVE-2014-9641
2015-02-06 15:59:08
exploitdb
exploitdb
Trend Micro 8.0.1133 (Multiple Products) - Local Privilege Escalation
2015-01-31 00:00:00
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.6 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
26.2%
Related for CVE-2014-9641