Local Privilege Escalation Flaw in Trend Micro Anti-Rootkit Module
CVE-2007-0856

Currently unrated

Key Information:

Vendor: Trend Micro
Status: Trend Micro Antispyware; Damage Cleanup Services; Tmcomm.sys; Trend Micro Antirootkit Common Module
Vendor: CVE Published:; 8 February 2007

Summary

The Trend Micro Anti-Rootkit Common Module contains a vulnerability that allows local users to escalate their privileges. Specifically, the TmComm.sys version 1.5.0.1052 improperly assigns Everyone write permissions for its DOS device interface, enabling unauthorized access to privileged IOCTLs. This oversight can lead to arbitrary code execution or memory overwriting in the kernel context, raising significant security concerns across various Trend Micro products.

References

http://labs.idefense.com/intelligence/vulnerabilities/dis...

third-party-advisoryx_refsource_IDEFENSE

http://securitytracker.com/id?1017604

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/22448

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Feb 8, 2007
Vulnerability Reserved
Feb 8, 2007