The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Trend Micro Titanium

vulnerability note 18694

Trend Micro: code execution via Password Manager

Synthesis of the vulnerability

An attacker can invite the victim to display a web document containing a malicious url, in order to run code in Password Manager of Trend Micro.
Impacted products: OfficeScan, TrendMicro Titanium.
Severity: 3/4.
Consequences: user access/rights.
Provenance: document.
Creation date: 12/01/2016.
Identifiers: VIGILANCE-VUL-18694.

Description of the vulnerability

The Trend Micro products install the Password Manager tool on Windows.

However, a web service is enabled on port 49155/tcp, and the /api/openUrlInDefaultBrowser page directly calls the ShellExecute() function.

An attacker can therefore invite the victim to display a web document containing a malicious url, in order to run code in Password Manager of Trend Micro.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2014-9641

Trend Micro AntiVirus: privilege escalation via tmeext.sys

Synthesis of the vulnerability

An attacker can call an ioctl of tmeext.sys installed by Trend Micro, in order to escalate his privileges.
Impacted products: TrendMicro Internet Security, TrendMicro Titanium.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Creation date: 06/02/2015.
Identifiers: 1106233, CVE-2014-9641, VIGILANCE-VUL-16127.

Description of the vulnerability

The Trend Micro AntiVirus product installs the tmeext.sys driver.

However, the ioctl 0x00222400 can be used by a local user to escalate his privileges.

An attacker can therefore call an ioctl of tmeext.sys installed by Trend Micro, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.