2 matches found
CVE-2017-14088
Trend Micro OfficeScan (11.0 and XG) is affected by a local memory-corruption vulnerability in tmwfp.sys that allows a low-privilege attacker to gain kernel-level code execution. Exploitation relies on handling of IOCTLs in tmwfp.sys, enabling privilege escalation without user interaction. Severa...
CVE-2018-15364
The CVE-2018-15364 entry concerns Trend Micro OfficeScan XG 12.0. It describes a local, information-disclosure vulnerability in the Named Pipe Request Processing path. The root cause is a lack of input validation when processing data from a named pipe, specifically within the Ntrtscan.exe pathway...