Trend Micro OfficeScan 5.5, and probably other versions before 6.5, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying tmlisten.exe.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Officescan | Trend_micro | 5.5 (including) | 5.5 (including) |
References
- http://secunia.com/advisories/11576
- http://www.secumind.net/content/french/modules/news/article.php?storyid=9\u0026sel_lang=english
- http://www.vupen.com/english/advisories/2006/1041
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25415
- http://secunia.com/advisories/11576
- http://www.secumind.net/content/french/modules/news/article.php?storyid=9\u0026sel_lang=english
- http://www.vupen.com/english/advisories/2006/1041
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25415