CVE-2006-1381Micro Officescan vulnerability

3 documents3 sources
Severity
10.0CRITICALNVD
EPSS
0.4%
top 40.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Trend Micro Officescan
Timeline
PublishedMar 24
Latest updateMay 1

Description

Trend Micro OfficeScan 5.5, and probably other versions before 6.5, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying tmlisten.exe.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-cw6q-f999-4vr6: Trend Micro OfficeScan 52022-05-01
CVEList
CVE-2006-1381: Trend Micro OfficeScan 52006-03-24
CVE-2006-1381 — Trend Micro Officescan vulnerability | cvebase