Cross site request forgery (csrf)

The TrendMicro Activity Monitor Module tmactmon.sys 2.52.0.1002 in Trend Micro Internet Pro 2008 and 2009, and Security Pro 2008 and 2009, allows local users to gain privileges via a crafted IRP in a METHODNEITHER IOCTL request to \Device\tmactmon that overwrites memory...

CVE-2009-0686

CVE-2009-0686 affects Trend Micro Internet Security Pro (2008/2009) and Internet Pro/Security Pro lines. The IOCTL handler in tmactmon.sys (2.52.0.1002) uses METHOD_NEITHER and does not properly validate IRP buffer data, allowing a local user to gain SYSTEM privileges via a crafted IRP to \Device...