CVE-2006-1381

Description

Trend Micro OfficeScan 5.5, and probably other versions before 6.5, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying tmlisten.exe.

Affected products

• Trend Micro / officescan5.5 – 5.5

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/25415
• MISChttp://www.secumind.net/content/french/modules/news/article.php?storyid=9&sel_lang=english
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/1041
• VENDOR_ADVISORYhttp://secunia.com/advisories/11576