---------------------------------------------------------------------- 2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published How do you know which Secunia advisories are important to you? The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively. Get a free trial of the Secunia Vulnerability Intelligence Solutions: http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv ---------------------------------------------------------------------- TITLE: Trend Micro Scan Engine Tmxpflt.sys Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA27378 VERIFY ADVISORY: http://secunia.com/advisories/27378/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: Trend Micro Client Server Messaging Security for SMB 2.x http://secunia.com/product/13521/ Trend Micro Client Server Messaging Security for SMB 3.x http://secunia.com/product/13440/ Trend Micro Client Server Security 3.x http://secunia.com/product/13442/ Trend Micro OfficeScan Corporate Edition 3.x http://secunia.com/product/855/ Trend Micro OfficeScan Corporate Edition 5.x http://secunia.com/product/854/ Trend Micro OfficeScan Corporate Edition 6.x http://secunia.com/product/4323/ Trend Micro OfficeScan Corporate Edition 7.x http://secunia.com/product/5007/ Trend Micro OfficeScan Corporate Edition 8.x http://secunia.com/product/14630/ Trend Micro PC-cillin 2000 http://secunia.com/product/851/ Trend Micro PC-cillin 2002 http://secunia.com/product/852/ Trend Micro PC-cillin 2003 http://secunia.com/product/853/ Trend Micro PC-cillin for Wireless 3.x http://secunia.com/product/8133/ Trend Micro PC-cillin Internet Security 2005 http://secunia.com/product/4708/ Trend Micro PC-cillin Internet Security 2006 / 14.x http://secunia.com/product/8828/ Trend Micro PC-cillin Internet Security 2007 http://secunia.com/product/13436/ Trend Micro ScanMail for Microsoft Exchange 3.x http://secunia.com/product/66/ Trend Micro ScanMail for Microsoft Exchange 6.x http://secunia.com/product/67/ Trend Micro ScanMail for Microsoft Exchange 7.x http://secunia.com/product/8046/ Trend Micro ServerProtect for Windows/NetWare 5.x http://secunia.com/product/1153/ Trend Micro InterScan Messaging Security Suite 5.x http://secunia.com/product/61/ Trend Micro InterScan VirusWall 3.x http://secunia.com/product/60/ Trend Micro InterScan Web Security Suite 1.x http://secunia.com/product/4085/ Trend Micro InterScan Web Security Suite 2.x http://secunia.com/product/4086/ Trend Micro Anti-Spyware 3.x http://secunia.com/product/13439/ Trend Micro Anti-Spyware for Enterprise 3.x http://secunia.com/product/13438/ Trend Micro Anti-Spyware for SMB 3.x http://secunia.com/product/13437/ Trend Micro InterScan WebProtect for ISA 3.x http://secunia.com/product/65/ Trend Micro ScanMail for Lotus Notes 2.x http://secunia.com/product/1021/ Trend Micro ScanMail for Lotus Notes 3.x http://secunia.com/product/4711/ Trend Micro ServerProtect for EMC Celerra 5.x http://secunia.com/product/13528/ DESCRIPTION: A vulnerability has been reported in Trend Micro's Scan Engine, which can be exploited by malicious, local users to gain escalated privileges. A boundary error within the 0xa0284403 IOCTL handler of Tmxpflt.sys and insecure permissions on the "\\.\Tmfilter" DOS device interface can be exploited e.g. to cause a buffer overflow via overly long arguments passed to the affected IOCTL handler. Successful exploitation allows execution of arbitrary code with kernel privileges. The vulnerability affects all products using the Scan Engine Filter. SOLUTION: Update to Scan Engine 8.550-1001 (available via ActiveUpdate servers on October 30, 2007). PROVIDED AND/OR DISCOVERED BY: Rubén Santamarta, reported via iDefense Labs. ORIGINAL ADVISORY: Trend Micro: http://esupport.trendmicro.com/support/viewxml.do?ContentID=1035793 iDefense Labs: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=609 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------