CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 0CVE-2018-10359 – Trend Micro OfficeScan TMWFP driver Pool Corruption Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-10359
07 Jun 2018 — A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x220078 in the TMWFP driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de escalado de privilegios por corrupción de pool en Trend Micro OfficeScan 11.0 SP1 y XG podría permitir que... • https://success.trendmicro.com/solution/1119961 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 0CVE-2018-10505 – Trend Micro OfficeScan TMWFP driver Pool Corruption Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-10505
07 Jun 2018 — A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x220008 in the TMWFP driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de escalado de privilegios por corrupción de pool en Trend Micro OfficeScan 11.0 SP1 y XG podría permitir que... • https://success.trendmicro.com/solution/1119961 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2018-10506 – Trend Micro OfficeScan TMWFP Driver Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-10506
07 Jun 2018 — A out-of-bounds read information disclosure vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within the processing of IOCTL 0x220004 by the TMWFP driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de divulgación de información por lectura fuera de límites en Trend Micro OfficeScan 11.0 SP1... • https://success.trendmicro.com/solution/1119961 • CWE-125: Out-of-bounds Read •