Local Security Bypass Vulnerability in Trend Micro Network Security Component
CVE-2008-3866

Currently unrated

Key Information:

Vendor

Trend Micro
Status
Internet Security 2008
Internet Security 2007
Officescan
Vendor
CVE Published:
21 January 2009

What is CVE-2008-3866?

The Trend Micro Network Security Component (NSC) contains a vulnerability in its Personal Firewall service, TmPfw.exe. This flaw arises due to reliance on client-side password protection within the configuration GUI, which can be exploited by local users. By utilizing a modified client to send specifically crafted packets, these users can unintentionally bypass access controls. Consequently, this allows unauthorized changes to firewall settings, posing significant security risks to users reliant on Trend Micro's products for their digital safety.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/secunia_research/2008-43/
x_refsource_MISC
http://www.trendmicro.com/ftp/documentation/readme/OSCE8....
x_refsource_MISC
http://www.securitytracker.com/id?1021616
vdb-entryx_refsource_SECTRACK

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.