1889 matches found
CVE-2018-6232
A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security Consumer 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x22205C by the tmnciesc.sys driver. An attacker must first obtain the abilit...
Information disclosure
An Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro Maximum Security Consumer 2018 could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver. An attacker must first...
Privilege escalation
A Time-of-Check Time-of-Use privilege escalation vulnerability in Trend Micro Maximum Security Consumer 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222813 by the tmusa driver. An attacker must first obtain the...
CVE-2018-6235
An Out-of-Bounds write privilege escalation vulnerability in Trend Micro Maximum Security Consumer 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver. An attacker must first obtain the...
CVE-2018-6233
A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security Consumer 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222060 by the tmnciesc.sys driver. An attacker must first obtain the abilit...
CVE-2018-6234
An Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro Maximum Security Consumer 2018 could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver. An attacker must first...
CVE-2018-6232
A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security Consumer 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x22205C by the tmnciesc.sys driver. An attacker must first obtain the abilit...
CVE-2018-6236
A Time-of-Check Time-of-Use privilege escalation vulnerability in Trend Micro Maximum Security Consumer 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222813 by the tmusa driver. An attacker must first obtain the...
CVE-2018-6232
A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security Consumer 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x22205C by the tmnciesc.sys driver. An attacker must first obtain the abilit...
CVE-2018-6233
A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security Consumer 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222060 by the tmnciesc.sys driver. An attacker must first obtain the abilit...
CVE-2018-6235
An Out-of-Bounds write privilege escalation vulnerability in Trend Micro Maximum Security Consumer 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver. An attacker must first obtain the...
CVE-2018-6234
CVE-2018-6234 affects Trend Micro Maximum Security (Consumer) 2018. It describes an Out-of-Bounds Read Information Disclosure in the tmnciesc.sys driver, arising from improper handling of IOCTL 0x222814. A local attacker who can run low-privilege code can disclose sensitive information on the tar...
CVE-2018-6234
An Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro Maximum Security Consumer 2018 could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver. An attacker must first...
CVE-2018-6235
Trend Micro Maximum Security (Consumer) 2018 is affected by an Out-of-Bounds write privilege escalation in the tmnciesc.sys driver, caused by improper handling of IOCTL 0x222814. An attacker who can run low-privilege code locally can exploit this to escalate privileges on the target system. Affec...
CVE-2018-6236
A Time-of-Check Time-of-Use privilege escalation vulnerability in Trend Micro Maximum Security Consumer 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222813 by the tmusa driver. An attacker must first obtain the...
CVE-2018-6236
CVE-2018-6236 affects Trend Micro Maximum Security (Consumer) 2018. The vulnerability is a local privilege-escalation flaw in the tmusa driver, triggered by processing IOCTL 0x222813, due to a TOCTOU race condition in user-supplied data. An attacker who can execute low-privilege code can escalate...
CVE-2018-6233
CVE-2018-6233 describes a local privilege-escalation in Trend Micro Maximum Security (Consumer) 2018. The root cause is a buffer overflow in the tmnciesc.sys driver when processing IOCTL 0x222060, which can allow a local attacker who can execute low-privilege code to escalate privileges. Public s...
CVE-2018-6232
Trend Micro Maximum Security uses a vulnerable tmnciesc.sys driver where the root cause is a buffer overflow in processing IOCTL 0x22205C. This local-privilege-escalation flaw allows an attacker who can run low-privilege code to write past the end of an allocated buffer, enabling privilege escala...
CVE-2018-10493
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
CVE-2018-10493
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...