Trend Micro Internet Security Pro 2009 - Priviliege Escalation

EDB-ID:

8322

Author:

b1@ckeYe

Type:

local

Platform:

Windows

Published:

2009-03-30

Trend Micro Internet Security Pro 2009 tmactmon.sys Priviliege Escalation PoC.
by b1@ckeYe

The vulnerability is caused due to the IOCTL handler of the "tmactmon.sys" 
driver improperly processing user space parameters. This exploit execute 
arbitrary code in kernel space via a specially crafted IOCTL.

untested: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/8322.zip 2009-trendmicro_local_expl_0day.zip)

# milw0rm.com [2009-03-30]