7.2
CVE-2007-0856
- EPSS 0.15%
- Veröffentlicht 08.02.2007 18:28:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginTmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (RCM), with the VsapiNI.sys 3.320.0.1003 scan engine, as used in Trend Micro PC-cillin Internet Security 2007, Antivirus 2007, Anti-Spyware for SMB 3.2 SP1, Anti-Spyware for Consumer 3.5, Anti-Spyware for Enterprise 3.0 SP2, Client / Server / Messaging Security for SMB 3.5, Damage Cleanup Services 3.2, and possibly other products, assigns Everyone write permission for the \\.\TmComm DOS device interface, which allows local users to access privileged IOCTLs and execute arbitrary code or overwrite arbitrary memory in the kernel context.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Trend Micro ≫ Client-server-messaging Security Version3.5 Editionsmb
Trend Micro ≫ Damage Cleanup Services Version3.2
Trend Micro ≫ Pc-cillin Internet Security Version2007
Trend Micro ≫ Tmcomm.Sys Version1.5.1052
Trend Micro ≫ Trend Micro Antispyware Version3.0_sp2 Editionenterprise
Trend Micro ≫ Trend Micro Antispyware Version3.2_sp1 Editionsmb
Trend Micro ≫ Trend Micro Antispyware Version3.5 Editionconsumer
Trend Micro ≫ Trend Micro Antivirus Version2007
Trend Micro ≫ Vsapini.Sys Version3.320.1003
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.363 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|