CVE-2009-0686
published 2009-04-01CVE-2009-0686: The TrendMicro Activity Monitor Module (tmactmon.sys) 2.52.0.1002 in Trend Micro Internet Pro 2008 and 2009, and Security Pro 2008 and 2009, allows local users…
PriorityP433high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
0.80%
51.9th percentile
The TrendMicro Activity Monitor Module (tmactmon.sys) 2.52.0.1002 in Trend Micro Internet Pro 2008 and 2009, and Security Pro 2008 and 2009, allows local users to gain privileges via a crafted IRP in a METHOD_NEITHER IOCTL request to \Device\tmactmon that overwrites memory.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| trendmicro | internet_security | — | — |
| trendmicro | internet_security | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-gfhg-7w8w-j26f: The TrendMicro Activity Monitor Module (tmactmon
ghsa_unreviewed·2022-05-02
CVE-2009-0686 [HIGH] GHSA-gfhg-7w8w-j26f: The TrendMicro Activity Monitor Module (tmactmon
The TrendMicro Activity Monitor Module (tmactmon.sys) 2.52.0.1002 in Trend Micro Internet Pro 2008 and 2009, and Security Pro 2008 and 2009, allows local users to gain privileges via a crafted IRP in a METHOD_NEITHER IOCTL request to \Device\tmactmon that overwrites memory.
VMware
VMware products address vulnerabilities in WebAccess
vendor_vmware·2010-03-29·CVSS 4.3
CVE-2009-2277 [MEDIUM] VMware products address vulnerabilities in WebAccess
VMSA-2010-0005: VMware products address vulnerabilities in WebAccess
a. WebAccess Context Data Cross-site Scripting Vulnerability A cross-site scripting vulnerability in WebAccess allows for disclosure of sensitive information. The flaw is due to insufficient verification of certain parameters which may lead to redirection of a user's requests. This vulnerability can only be exploited if the attacker tricks the WebAccess user into clicking a malicious link and the attacker has control of a server on the same network as the system where WebAccess is being used.
CVEs: CVE-2009-2277, CVE-2010-0686, CVE-2010-1137, CVE-2010-1193
Affected products: ESXi, VMware Workstation
No detection rules found.
No writeups or analysis indexed.
http://en.securitylab.ru/lab/PT-2009-09http://milw0rm.com/sploits/2009-trendmicro_local_expl_0day.ziphttp://www.securityfocus.com/archive/1/502314/100/0/threadedhttp://www.securityfocus.com/bid/34304http://www.securitytracker.com/id?1021955https://exchange.xforce.ibmcloud.com/vulnerabilities/49513https://www.exploit-db.com/exploits/8322http://en.securitylab.ru/lab/PT-2009-09http://milw0rm.com/sploits/2009-trendmicro_local_expl_0day.ziphttp://www.securityfocus.com/archive/1/502314/100/0/threadedhttp://www.securityfocus.com/bid/34304http://www.securitytracker.com/id?1021955https://exchange.xforce.ibmcloud.com/vulnerabilities/49513https://www.exploit-db.com/exploits/8322
2009-04-01
Published