CVE-2007-4277 (PC-Cillin Internet Security 2007, Scan Engine) - HeapOverflow Computer Security Community & Forums : Heap Overflow.com

HeapOverflow Computer Security Community & Forums : Heap Overflow.com

		HeapOverflow Computer Security Community & Forums : Heap Overflow.com > Computer Security: Discussions > Advisories
CVE-2007-4277 (PC-Cillin Internet Security 2007, Scan Engine)

Mark Forums Read

Notices

Welcome to you visitor! This community is mainly dedicated to the computer and security, if you're looking for DFind scanner or others exploits codes you will find them into the Projects section, feel free to start Blogging and remember to always keep an eye and start talking about security Advisories & public Exploits.

Advisories Discuss about all newly security flaws classed by CVE entries and reviewed by security experts

CVE-2007-4277 (PC-Cillin Internet Security 2007, Scan Engine)

This is a discussion on "CVE-2007-4277 (PC-Cillin Internet Security 2007, Scan Engine)" within the Advisories part of the Computer Security: Discussions section; The Trend Micro AntiVirus scan engine before 8.550-1001, as used in Trend Micro PC-Cillin Internet Security 2007, and Tmxpflt.sys 8.320.1004 and 8.500.0.1002, has weak permissions (Everyone:Write) for the \.\Tmfilter device, ...

Reply

2 links from elsewhere to this Post. Click to view.

#1 (permalink)

Old

01-11-07

Heap is offline

Reporter

Join Date: Oct 2007

Posts: 5,970

Thanks: 0

Thanked 4 Times in 4 Posts

Rep Power: 1197

Heap is on a distinguished road

nvd

CVE-2007-4277 (PC-Cillin Internet Security 2007, Scan Engine)

The Trend Micro AntiVirus scan engine before 8.550-1001, as used in Trend Micro PC-Cillin Internet Security 2007, and Tmxpflt.sys 8.320.1004 and 8.500.0.1002, has weak permissions (Everyone:Write) for the \.\Tmfilter device, which allows local users to send arbitrary content to the device via the IOCTL functionality. NOTE: this can be leveraged for privilege escalation by exploiting a buffer overflow in the handler for IOCTL 0xa0284403.

More...

Reply With Quote

Sponsor

Advertiser

Reply

Tags
2007, cve20074277, engine, internet, pccillin, scan, security

« Cve-2007-4861 (saxon) | CVE-2007-2263 (RealPlayer, RealOne Player, RealPlayer Enterprise) »

LinkBacks (?) LinkBack to this Thread: http://heapoverflow.com/f0rums/advisories/1701-cve-2007-4277-pc-cillin-internet-security-2007-scan-engine.html
Posted By	For	Type	Date
2007 - Members and Communities tagged with 2007 - Zoints	This thread	Refback	14-01-08 13:28
internet - Members and Communities tagged with internet - Zoints	This thread	Refback	07-01-08 15:15

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are On [IMG] code is On HTML code is Off Trackbacks are On Pingbacks are On Refbacks are On

heapoverflow.com - SEOmeter SEO tools

Locations of visitors to this page

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72