22 matches found
EUVD-2018-2433
Malware in sbrugna...
EUVD-2018-2432
Malware in sbrugna...
EUVD-2018-2578
Malware in sbrugna...
EUVD-2018-2577
Malware in sbrugna...
Trend Micro OfficeScan Multiple Vulnerabilities (1119961)
Trend Micro OfficeScan is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2018-10506
A out-of-bounds read information disclosure vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within the processing of IOCTL 0x220004 by the TMWFP driver. An attacker must first obtain t...
Privilege escalation
A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x220008 in the TMWFP driver. An attacker must first obtain the ability to...
CVE-2018-10505
A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x220008 in the TMWFP driver. An attacker must first obtain the ability to...
Privilege escalation
A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x220078 in the TMWFP driver. An attacker must first obtain the ability to...
Information disclosure
A out-of-bounds read information disclosure vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within the processing of IOCTL 0x220004 by the TMWFP driver. An attacker must first obtain t...
CVE-2018-10359
A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x220078 in the TMWFP driver. An attacker must first obtain the ability to...
CVE-2018-10358
A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x2200B4 in the TMWFP driver. An attacker must first obtain the ability to...
CVE-2018-10506
A out-of-bounds read information disclosure vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within the processing of IOCTL 0x220004 by the TMWFP driver. An attacker must first obtain t...
CVE-2018-10358
CVE-2018-10358 concerns Trend Micro OfficeScan 11.0 SP1 and XG, where the TMWFP driver’s IOCTL 0x2200B4 handling enables local privilege escalation through pool corruption. The root cause cited is the lack of proper validation of the length of user-supplied data before initializing a pool-based b...
CVE-2018-10359
Trend Micro OfficeScan 11.0 SP1 and XG are affected by CVE-2018-10359 due to a pool corruption flaw in the TMWFP driver when processing IOCTL 0x220078. The root cause is lack of proper validation of user-supplied data length used to initialize a pool-based buffer, enabling a local attacker who ca...
CVE-2018-10506
Trend Micro OfficeScan (11.0 SP1 and XG) is affected by an out-of-bounds read information disclosure vulnerability in the TMWFP driver, triggered by processing IOCTL 0x220004. An attacker who can run low-privileged code locally can disclose sensitive information. The vulnerability details come fr...
CVE-2018-10505
A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x220008 in the TMWFP driver. An attacker must first obtain the ability to...
CVE-2018-10358
A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x2200B4 in the TMWFP driver. An attacker must first obtain the ability to...
CVE-2018-10505
Trend Micro OfficeScan 11.0 SP1 and XG are affected by a local privilege escalation due to a pool corruption flaw in the TMWFP driver’s handling of IOCTL 0x220008. The issue arises from insufficient validation of user-supplied data length, enabling a local attacker who can execute low-privileged ...
Trend Micro OfficeScan TMWFP driver Pool Corruption Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Trend Micro OfficeScan. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...