CVE-2007-0856
First published: Thu Feb 08 2007(Updated: )
TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (RCM), with the VsapiNI.sys 3.320.0.1003 scan engine, as used in Trend Micro PC-cillin Internet Security 2007, Antivirus 2007, Anti-Spyware for SMB 3.2 SP1, Anti-Spyware for Consumer 3.5, Anti-Spyware for Enterprise 3.0 SP2, Client / Server / Messaging Security for SMB 3.5, Damage Cleanup Services 3.2, and possibly other products, assigns Everyone write permission for the \\.\TmComm DOS device interface, which allows local users to access privileged IOCTLs and execute arbitrary code or overwrite arbitrary memory in the kernel context.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Trend Micro Client Server Messaging Security | =3.5 | |
| Trend Micro Damage Cleanup Server | =3.2 | |
| Trend Micro PC-cillin Internet Security 2006 | =2007 | |
| Trend Micro TmComm | =1.5.1052 | |
| Trend Micro Antirootkit Common Module | ||
| Trend Micro AntiSpyware | =3.0_sp2 | |
| Trend Micro AntiSpyware | =3.2_sp1 | |
| Trend Micro AntiSpyware | =3.5 | |
| Trend Micro Antivirus | =2007 | |
| Trend Micro VsapiNI.sys | =3.320.1003 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=469
- http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034432&id=EN-1034432
- http://www.securityfocus.com/bid/22448
- http://securitytracker.com/id?1017604
- http://securitytracker.com/id?1017605
- http://securitytracker.com/id?1017606
- http://secunia.com/advisories/24069
- http://www.kb.cert.org/vuls/id/282240
- http://www.kb.cert.org/vuls/id/666800
- http://osvdb.org/33039
- http://www.vupen.com/english/advisories/2007/0521
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32353
Frequently Asked Questions
What is the severity of CVE-2007-0856?
CVE-2007-0856 is classified as a critical vulnerability that could allow remote code execution.
How do I fix CVE-2007-0856?
To fix CVE-2007-0856, you should update to the latest version of affected Trend Micro products that address this vulnerability.
Which software products are affected by CVE-2007-0856?
CVE-2007-0856 affects Trend Micro AntiSpyware, PC-Cillin Internet Security 2007, and several other Trend Micro security products.
What impact could CVE-2007-0856 have on my system?
CVE-2007-0856 could potentially allow an attacker to execute arbitrary code, compromising the affected system.
Is there a known exploit for CVE-2007-0856?
Yes, there are known exploits that can leverage CVE-2007-0856 to execute malicious code on vulnerable systems.
- agent/references
- agent/remedy
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/trend micro
- canonical/trend micro client server messaging security
- version/trend micro client server messaging security/3.5
- canonical/trend micro damage cleanup server
- version/trend micro damage cleanup server/3.2
- canonical/trend micro pc-cillin internet security 2006
- version/trend micro pc-cillin internet security 2006/2007
- canonical/trend micro tmcomm
- version/trend micro tmcomm/1.5.1052
- canonical/trend micro antirootkit common module
- canonical/trend micro antispyware
- version/trend micro antispyware/3.0_sp2
- version/trend micro antispyware/3.2_sp1
- version/trend micro antispyware/3.5
- canonical/trend micro antivirus
- version/trend micro antivirus/2007
- canonical/trend micro vsapini.sys
- version/trend micro vsapini.sys/3.320.1003