CVE-2014-9641

The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
VendorProductVersion
trendmicrotmeext.sys
𝑥
≤ 2.0.0.1014
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://esupport.trendmicro.com/en-us/home/pages/technical-support/1106233.aspx
http://www.exploit-db.com/exploits/35962
http://www.greyhathacker.net/?p=818
http://www.osvdb.org/115514
http://esupport.trendmicro.com/en-us/home/pages/technical-support/1106233.aspx
http://www.exploit-db.com/exploits/35962
http://www.greyhathacker.net/?p=818
http://www.osvdb.org/115514