CyberSec.Space Logo
CVEブラウザに戻る

CVE-2006-1381

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0510%
EPSS Percentile34.90th
Published2006年3月24日
Last Modified2026年4月16日

Vulnerability Description

Trend Micro OfficeScan 5.5, and probably other versions before 6.5, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying tmlisten.exe.

Affected Platforms (CPE)

📦
Trend Micro

Officescan

= 5.5

References & Advisories

🔗 http://secunia.com/advisories/11576
🔗 http://www.secumind.net/content/french/modules/news/article.php?storyid=9&sel_lang=english
🔗 http://www.vupen.com/english/advisories/2006/1041
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/25415
🔗 http://secunia.com/advisories/11576
🔗 http://www.secumind.net/content/french/modules/news/article.php?storyid=9&sel_lang=english
🔗 http://www.vupen.com/english/advisories/2006/1041
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/25415

関連する脆弱性情報

CVE-2007-345510.0

cgiChkMasterPwd.exe before 8.0.0.142 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote attackers to bypass the passwor...

CVE-2008-243710.0

Stack-based buffer overflow in cgiRecvFile.exe in Trend Micro OfficeScan 7.3 patch 4 build 1362 and other builds, OfficeScan 8.0 a...

CVE-2007-345410.0

Stack-based buffer overflow in CGIOCommon.dll before 8.0.0.1042 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote atta...

CVE-2008-440210.0

Multiple buffer overflows in CGI modules in the server in Trend Micro OfficeScan 8.0 SP1 before build 2439 and 8.0 SP1 Patch 1 bef...