TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (RCM), with the VsapiNI.sys 3.320.0.1003 scan engine, as used in Trend Micro PC-cillin Internet Security 2007, Antivirus 2007, Anti-Spyware for SMB 3.2 SP1, Anti-Spyware for Consumer 3.5, Anti-Spyware for Enterprise 3.0 SP2, Client / Server / Messaging Security for SMB 3.5, Damage Cleanup Services 3.2, and possibly other products, assigns Everyone write permission for the \\.\TmComm DOS device interface, which allows local users to access privileged IOCTLs and execute arbitrary code or overwrite arbitrary memory in the kernel context.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Trend Micro
  • Client-server-messaging Security
  • Damage Cleanup Services
  • Pc-cillin Internet Security
  • Tmcomm.sys
  • Trend Micro Antirootkit Common Module
  • Trend Micro Antispyware
  • Trend Micro Antivirus
  • Vsapini.sys

Configuration 1 [-]

OR cpe:2.3:a:trend_micro:client-server-messaging_security:3.5:*:smb:*:*:*:*:*
cpe:2.3:a:trend_micro:damage_cleanup_services:3.2:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:pc-cillin_internet_security:2007:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:tmcomm.sys:1.5.1052:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:trend_micro_antirootkit_common_module:*:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:trend_micro_antispyware:3.0_sp2:*:enterprise:*:*:*:*:*
cpe:2.3:a:trend_micro:trend_micro_antispyware:3.2_sp1:*:smb:*:*:*:*:*
cpe:2.3:a:trend_micro:trend_micro_antispyware:3.5:*:consumer:*:*:*:*:*
cpe:2.3:a:trend_micro:trend_micro_antivirus:2007:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:vsapini.sys:3.320.1003:*:*:*:*:*:*:*

No data.

References
Link Providers
http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034432&id=EN-1034432 cve-icon cve-icon
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=469 cve-icon cve-icon
http://osvdb.org/33039 cve-icon cve-icon
http://secunia.com/advisories/24069 cve-icon cve-icon
http://securitytracker.com/id?1017604 cve-icon cve-icon
http://securitytracker.com/id?1017605 cve-icon cve-icon
http://securitytracker.com/id?1017606 cve-icon cve-icon
http://www.kb.cert.org/vuls/id/282240 cve-icon cve-icon
http://www.kb.cert.org/vuls/id/666800 cve-icon cve-icon
http://www.securityfocus.com/bid/22448 cve-icon cve-icon
http://www.vupen.com/english/advisories/2007/0521 cve-icon cve-icon
https://exchange.xforce.ibmcloud.com/vulnerabilities/32353 cve-icon cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-02-08T18:00:00

Updated: 2024-08-07T12:34:21.205Z

Reserved: 2007-02-08T00:00:00

Link: CVE-2007-0856

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2007-02-08T18:28:00.000

Modified: 2017-07-29T01:30:27.593

Link: CVE-2007-0856

cve-icon Redhat

No data.