CVE-2018-10507 – TrendMicro OfficeScan XG 11.0 - Change Prevention Bypass
https://notcve.org/view.php?id=CVE-2018-10507
A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a attacker to take a series of steps to bypass or render the OfficeScan Unauthorized Change Prevention inoperable on vulnerable installations. An attacker must already have administrator privileges in order to exploit this vulnerability. Una vulnerabilidad en Trend Micro OfficeScan 11.0 SP1 y XG podría permitir que un atacante siga una serie de pasos para omitir o hacer que OfficeScan Unauthorized Change Prevention deje de funcionar en instalaciones vulnerables. El atacante tiene que tener privilegios de administrador para explotar esta vulnerabilidad. OfficeScan XG version 11.0 suffers from an unauthorized change prevention bypass vulnerability. • https://www.exploit-db.com/exploits/44858 http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-OFFICESCAN-XG-v11.0-UNAUTHORIZED-CHANGE-PREVENTION-SERVICE-BYPASS.txt https://success.trendmicro.com/solution/1119961 •
CVE-2018-10358 – Trend Micro OfficeScan TMWFP driver Pool Corruption Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-10358
A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x2200B4 in the TMWFP driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de escalado de privilegios por corrupción de pool en Trend Micro OfficeScan 11.0 SP1 y XG podría permitir que un atacante local escale privilegios en instalaciones vulnerables debido a un error en el procesamiento de llamadas IOCTL 0x2200B4 en el controlador TMWFP. En primer lugar, un atacante debe obtener la capacidad de ejecutar código de bajos privilegios en el sistema objetivo para explotar esta vulnerabilidad. This vulnerability allows local attackers to escalate privileges on vulnerable installations of Trend Micro OfficeScan. • https://success.trendmicro.com/solution/1119961 https://www.zerodayinitiative.com/advisories/ZDI-18-565 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2018-10359 – Trend Micro OfficeScan TMWFP driver Pool Corruption Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-10359
A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x220078 in the TMWFP driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de escalado de privilegios por corrupción de pool en Trend Micro OfficeScan 11.0 SP1 y XG podría permitir que un atacante local escale privilegios en instalaciones vulnerables debido a un error en el procesamiento de llamadas IOCTL 0x220078 en el controlador TMWFP. En primer lugar, un atacante debe obtener la capacidad de ejecutar código de bajos privilegios en el sistema objetivo para explotar esta vulnerabilidad. This vulnerability allows local attackers to escalate privileges on vulnerable installations of Trend Micro OfficeScan. • https://success.trendmicro.com/solution/1119961 https://www.zerodayinitiative.com/advisories/ZDI-18-564 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2018-10505 – Trend Micro OfficeScan TMWFP driver Pool Corruption Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-10505
A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x220008 in the TMWFP driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de escalado de privilegios por corrupción de pool en Trend Micro OfficeScan 11.0 SP1 y XG podría permitir que un atacante local escale privilegios en instalaciones vulnerables debido a un error en el procesamiento de llamadas IOCTL 0x220008 en el controlador TMWFP. En primer lugar, un atacante debe obtener la capacidad de ejecutar código de bajos privilegios en el sistema objetivo para explotar esta vulnerabilidad. This vulnerability allows local attackers to escalate privileges on vulnerable installations of Trend Micro OfficeScan. • https://success.trendmicro.com/solution/1119961 https://www.zerodayinitiative.com/advisories/ZDI-18-563 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2018-10506 – Trend Micro OfficeScan TMWFP Driver Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-10506
A out-of-bounds read information disclosure vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within the processing of IOCTL 0x220004 by the TMWFP driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de divulgación de información por lectura fuera de límites en Trend Micro OfficeScan 11.0 SP1 y XG podría permitir que un atacante local revele información sensible en instalaciones vulnerables debido a un error en el procesamiento de llamadas IOCTL 0x220004 por parte del controlador TMWFP. En primer lugar, un atacante debe obtener la capacidad de ejecutar código de bajos privilegios en el sistema objetivo para explotar esta vulnerabilidad. This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Trend Micro OfficeScan. • https://success.trendmicro.com/solution/1119961 https://www.zerodayinitiative.com/advisories/ZDI-18-566 • CWE-125: Out-of-bounds Read •