• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Trend Micro AntiVirus Engine Tmxpflt.SYS Local Buffer Overflow Vulnerability

Trend Micro AntiVirus engine is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.

Successful exploits may allow an attacker to execute arbitrary machine code with SYSTEM-level privileges and completely compromise affected computers. Failed exploit attempts could crash the computer, denying service to legitimate users.

Applications that incorporate 'Tmxpflt.sys' 8.320.1004 and 8.500.0.1002 from the AntiVirus engine are vulnerable, including Trend Micro PC-cillin Internet Security 2007, ServerProtect, and OfficeScan.