Description
Trend OfficeScan Corporate Edition 5.58 and possibly earler does not drop privileges when opening a help window from a virus detection pop-up window, which allows local users to gain SYSTEM privileges.
Affected products
- Trend Micro / officescan3.0 – 3.0
- Trend Micro / officescancorporate_3.5 – corporate_3.5
- Trend Micro / officescancorporate_3.11 – corporate_3.11
- Trend Micro / officescancorporate_3.13 – corporate_3.13
- Trend Micro / officescancorporate_3.54 – corporate_3.54
- Trend Micro / officescancorporate_5.02 – corporate_5.02
- Trend Micro / officescancorporate_5.5 – corporate_5.5
- Trend Micro / officescancorporate_5.58 – corporate_5.58
References
- MISChttp://www.osvdb.org/6840
- MISChttp://www.securityfocus.com/bid/10503
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/16375
- MISChttp://archives.neohapsis.com/archives/bugtraq/2004-06/0117.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/11806
- MISChttp://uk.trendmicro-europe.com/enterprise/support/knowledge_base_detail.php?solutionId=20118