Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
3 vulnerabilities found for tmeext.sys by trendmicro
VAR-201502-0459
Vulnerability from variot - Updated: 2023-12-18 12:30The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call. A security vulnerability exists in the tmeext.sys driver version prior to 2.0.0.1015. A local attacker can exploit this vulnerability to write to any memory location and obtain permissions through a specially crafted 0x00222400 IOCTL call
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201502-0459",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tmeext.sys",
"scope": "lt",
"trust": 1.4,
"vendor": "trend micro",
"version": "2.0.0.1015"
},
{
"model": "tmeext.sys",
"scope": "lte",
"trust": 1.0,
"vendor": "trendmicro",
"version": "2.0.0.1014"
},
{
"model": "tmeext.sys",
"scope": "eq",
"trust": 0.9,
"vendor": "trendmicro",
"version": "2.0.0.1014"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tmeext sys",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "cbe56c58-1e92-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-01172"
},
{
"db": "BID",
"id": "77709"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007857"
},
{
"db": "NVD",
"id": "CVE-2014-9641"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-123"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:trendmicro:tmeext.sys:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.0.0.1014",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-9641"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "77709"
}
],
"trust": 0.3
},
"cve": "CVE-2014-9641",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2014-9641",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2015-01172",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "cbe56c58-1e92-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-9641",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2015-01172",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201502-123",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "cbe56c58-1e92-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "cbe56c58-1e92-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-01172"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007857"
},
{
"db": "NVD",
"id": "CVE-2014-9641"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-123"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call. A security vulnerability exists in the tmeext.sys driver version prior to 2.0.0.1015. A local attacker can exploit this vulnerability to write to any memory location and obtain permissions through a specially crafted 0x00222400 IOCTL call",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-9641"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007857"
},
{
"db": "CNVD",
"id": "CNVD-2015-01172"
},
{
"db": "BID",
"id": "77709"
},
{
"db": "IVD",
"id": "cbe56c58-1e92-11e6-abef-000c29c66e3d"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-9641",
"trust": 3.5
},
{
"db": "EXPLOIT-DB",
"id": "35962",
"trust": 2.5
},
{
"db": "OSVDB",
"id": "115514",
"trust": 1.6
},
{
"db": "CNVD",
"id": "CNVD-2015-01172",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201502-123",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007857",
"trust": 0.8
},
{
"db": "EXPLOITDB",
"id": "35962",
"trust": 0.6
},
{
"db": "BID",
"id": "77709",
"trust": 0.3
},
{
"db": "IVD",
"id": "CBE56C58-1E92-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "cbe56c58-1e92-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-01172"
},
{
"db": "BID",
"id": "77709"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007857"
},
{
"db": "NVD",
"id": "CVE-2014-9641"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-123"
}
]
},
"id": "VAR-201502-0459",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "cbe56c58-1e92-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-01172"
}
],
"trust": 0.08
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "cbe56c58-1e92-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-01172"
}
]
},
"last_update_date": "2023-12-18T12:30:23.552000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Arbitrary Write Privilege Escalation Vulnerability on tmeext.sys",
"trust": 0.8,
"url": "http://esupport.trendmicro.com/en-us/home/pages/technical-support/1106233.aspx"
},
{
"title": "Patch for multiple Trend Micro products tmeext.sys driver privilege elevation vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/55406"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01172"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007857"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-007857"
},
{
"db": "NVD",
"id": "CVE-2014-9641"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://esupport.trendmicro.com/en-us/home/pages/technical-support/1106233.aspx"
},
{
"trust": 1.9,
"url": "http://www.greyhathacker.net/?p=818"
},
{
"trust": 1.9,
"url": "http://www.exploit-db.com/exploits/35962"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/115514"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9641"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9641"
},
{
"trust": 0.6,
"url": "http://www.exploit-db.com/exploits/35962/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01172"
},
{
"db": "BID",
"id": "77709"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007857"
},
{
"db": "NVD",
"id": "CVE-2014-9641"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-123"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "cbe56c58-1e92-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-01172"
},
{
"db": "BID",
"id": "77709"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007857"
},
{
"db": "NVD",
"id": "CVE-2014-9641"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-123"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-02-13T00:00:00",
"db": "IVD",
"id": "cbe56c58-1e92-11e6-abef-000c29c66e3d"
},
{
"date": "2015-02-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-01172"
},
{
"date": "2015-02-06T00:00:00",
"db": "BID",
"id": "77709"
},
{
"date": "2015-02-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-007857"
},
{
"date": "2015-02-06T15:59:08.757000",
"db": "NVD",
"id": "CVE-2014-9641"
},
{
"date": "2015-02-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201502-123"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-02-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-01172"
},
{
"date": "2015-02-06T00:00:00",
"db": "BID",
"id": "77709"
},
{
"date": "2015-02-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-007857"
},
{
"date": "2015-02-09T16:02:16.967000",
"db": "NVD",
"id": "CVE-2014-9641"
},
{
"date": "2015-02-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201502-123"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "77709"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-123"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Trend Micro Product tmeext.sys Vulnerability written in arbitrary memory area in driver",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-007857"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201502-123"
}
],
"trust": 0.6
}
}
CVE-2014-9641 (GCVE-0-2014-9641)
Vulnerability from nvd – Published: 2015-02-06 15:00 – Updated: 2024-08-06 13:47
VLAI
Summary
The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.greyhathacker.net/?p=818 | x_refsource_MISC |
| http://www.exploit-db.com/exploits/35962 | exploitx_refsource_EXPLOIT-DB |
| http://esupport.trendmicro.com/en-us/home/pages/t… | x_refsource_CONFIRM |
| http://www.osvdb.org/115514 | vdb-entryx_refsource_OSVDB |
Date Public
2014-12-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:47:41.956Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.greyhathacker.net/?p=818"
},
{
"name": "35962",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/35962"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://esupport.trendmicro.com/en-us/home/pages/technical-support/1106233.aspx"
},
{
"name": "115514",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/115514"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-02-06T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.greyhathacker.net/?p=818"
},
{
"name": "35962",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/35962"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://esupport.trendmicro.com/en-us/home/pages/technical-support/1106233.aspx"
},
{
"name": "115514",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/115514"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9641",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.greyhathacker.net/?p=818",
"refsource": "MISC",
"url": "http://www.greyhathacker.net/?p=818"
},
{
"name": "35962",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/35962"
},
{
"name": "http://esupport.trendmicro.com/en-us/home/pages/technical-support/1106233.aspx",
"refsource": "CONFIRM",
"url": "http://esupport.trendmicro.com/en-us/home/pages/technical-support/1106233.aspx"
},
{
"name": "115514",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/115514"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9641",
"datePublished": "2015-02-06T15:00:00.000Z",
"dateReserved": "2015-01-22T00:00:00.000Z",
"dateUpdated": "2024-08-06T13:47:41.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9641 (GCVE-0-2014-9641)
Vulnerability from cvelistv5 – Published: 2015-02-06 15:00 – Updated: 2024-08-06 13:47
VLAI
Summary
The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.greyhathacker.net/?p=818 | x_refsource_MISC |
| http://www.exploit-db.com/exploits/35962 | exploitx_refsource_EXPLOIT-DB |
| http://esupport.trendmicro.com/en-us/home/pages/t… | x_refsource_CONFIRM |
| http://www.osvdb.org/115514 | vdb-entryx_refsource_OSVDB |
Date Public
2014-12-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:47:41.956Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.greyhathacker.net/?p=818"
},
{
"name": "35962",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/35962"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://esupport.trendmicro.com/en-us/home/pages/technical-support/1106233.aspx"
},
{
"name": "115514",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/115514"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-02-06T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.greyhathacker.net/?p=818"
},
{
"name": "35962",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/35962"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://esupport.trendmicro.com/en-us/home/pages/technical-support/1106233.aspx"
},
{
"name": "115514",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/115514"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9641",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.greyhathacker.net/?p=818",
"refsource": "MISC",
"url": "http://www.greyhathacker.net/?p=818"
},
{
"name": "35962",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/35962"
},
{
"name": "http://esupport.trendmicro.com/en-us/home/pages/technical-support/1106233.aspx",
"refsource": "CONFIRM",
"url": "http://esupport.trendmicro.com/en-us/home/pages/technical-support/1106233.aspx"
},
{
"name": "115514",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/115514"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9641",
"datePublished": "2015-02-06T15:00:00.000Z",
"dateReserved": "2015-01-22T00:00:00.000Z",
"dateUpdated": "2024-08-06T13:47:41.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}