Trend Micro Internet Security Pro 2009 - Priviliege Escalation

EDB-ID:

8322


Author:

b1@ckeYe

Type:

local


Platform:

Windows

Date:

2009-03-30


Trend Micro Internet Security Pro 2009 tmactmon.sys Priviliege Escalation PoC.
by b1@ckeYe

The vulnerability is caused due to the IOCTL handler of the "tmactmon.sys" 
driver improperly processing user space parameters. This exploit execute 
arbitrary code in kernel space via a specially crafted IOCTL.

untested: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/8322.zip 2009-trendmicro_local_expl_0day.zip)

# milw0rm.com [2009-03-30]