CVE-2014-9641

Sažetak

The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call.

Reference

http://esupport.trendmicro.com/en-us/home/pages/technical-support/1106233.aspx
http://www.exploit-db.com/exploits/35962
http://www.greyhathacker.net/?p=818
http://www.osvdb.org/115514

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

09-02-2015 - 16:02

Objavljeno

06-02-2015 - 15:59