Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Trend Micro Subscribe
Filtered by product Scan Engine
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-4277 1 Trend Micro 2 Pc-cillin Internet Security 2007, Scan Engine 2011-03-07 6.6 MEDIUM N/A
The Trend Micro AntiVirus scan engine before 8.550-1001, as used in Trend Micro PC-Cillin Internet Security 2007, and Tmxpflt.sys 8.320.1004 and 8.500.0.1002, has weak permissions (Everyone:Write) for the \\.\Tmfilter device, which allows local users to send arbitrary content to the device via the IOCTL functionality. NOTE: this can be leveraged for privilege escalation by exploiting a buffer overflow in the handler for IOCTL 0xa0284403.