Local Privilege Escalation Flaw in Trend Micro Anti-Rootkit Module
CVE-2007-0856

Currently unrated

Key Information:

Vendor

Trend Micro
Status
Trend Micro Antispyware
Damage Cleanup Services
Tmcomm.sys
Trend Micro Antirootkit Common Module
Vendor
CVE Published:
8 February 2007

What is CVE-2007-0856?

The Trend Micro Anti-Rootkit Common Module contains a vulnerability that allows local users to escalate their privileges. Specifically, the TmComm.sys version 1.5.0.1052 improperly assigns Everyone write permissions for its DOS device interface, enabling unauthorized access to privileged IOCTLs. This oversight can lead to arbitrary code execution or memory overwriting in the kernel context, raising significant security concerns across various Trend Micro products.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://labs.idefense.com/intelligence/vulnerabilities/dis...
third-party-advisoryx_refsource_IDEFENSE
http://securitytracker.com/id?1017604
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/22448
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.