CVE-2014-9641

Status: Analyzed
Last modified: 09-02-2015
Published: 06-02-2015
7.2

SUMMARY CVE-2014-9641

The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call.

Access CVSS CVE-2014-9641

Attack Complexity Attack Vector Privileges Required Scope User Interaction
LOW LOCAL NONE - -

Impact CVSS CVE-2014-9641

Confidentiality Integrity Availability
COMPLETE COMPLETE COMPLETE

Details CVE-2014-9641

EPSS 0.00061
EPSS % 0.27022
References
CWE CWE-264
Vulnerable Configurations
  • cpe:2.3:a:trendmicro:tmeext.sys:2.0.0.1014:*:*:*:*:*:*:*
    cpe:2.3:a:trendmicro:tmeext.sys:2.0.0.1014:*:*:*:*:*:*:*

ATOM RSS Feed Link for CVE Vulnerabilities

CVE Data Propulsed by AKAOMA CyberSecurity