Memory Corruption Privilege Escalation vulnerabilities in Trend Micro OfficeScan 11.0 and XG allows local attackers to execute arbitrary code and escalate privileges to resources normally reserved for the kernel on vulnerable installations by exploiting tmwfp.sys. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/101070 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1039500 | Third Party Advisory VDB Entry |
http://www.zerodayinitiative.com/advisories/ZDI-17-828 | Third Party Advisory VDB Entry |
http://www.zerodayinitiative.com/advisories/ZDI-17-829 | Third Party Advisory VDB Entry |
https://success.trendmicro.com/solution/1118372 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: trendmicro
Published: 2017-10-05T13:00:00
Updated: 2017-10-06T09:57:01
Reserved: 2017-08-31T00:00:00
Link: CVE-2017-14088
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-10-06T01:29:01.067
Modified: 2017-10-13T18:05:09.107
Link: CVE-2017-14088
JSON object: View
Redhat Information
No data.
CWE