Verification........................................................10
======================================================================
1) Affected Software
* Trend Micro Internet Security 2007
* Trend Micro Internet Security 2008 17.0.1224
* Trend Micro OfficeScan 8.0 SP1 Patch 1
NOTE: Other versions may also be affected.
----------------------------------------------------------------------
(PT-2009-09) Positive Technologies Security Advisory
Trend Micro Internet Security Pro 2009 tmactmon.sys Priviliege
Escalation Vulnerabilities
----------------------------------------------------------------------
---[ Affected Software ]
ZDI-10-165: Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-165
August 25, 2010
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Trend Micro
-ServerProtect for EMC Celerra
-ServerProtect for NetApp
-Server Protect for Linux
-ServerProtect for Network Appliance Filers
3. Trend Micro Internet Security product suites
(Internet Security Pro, Internet Security, Antivirus+AntiSpyware)
4. Client / Server / Messaging Suite ( The OfficeScan component )
5. Worry Free Business Security - Standard
6. Worry Free Business Security - Advanced ( The security agent component )
7. Worry Free Business Security Hosted
* Panda Internet Security 2010 15.01.00
* PC Tools Firewall Plus 6.0.0.88
* PrivateFirewall 7.0.20.37
* Security Shield 2010 13.0.16.313
* Sophos Endpoint Security and Control 9.0.5
* Trend Micro Internet Security Pro 2010 17.50.1647.0000
* Vba32 Personal 3.12.12.4
* VIPRE Antivirus Premium 4.0.3272
* VirusBuster Internet Security Suite 3.2
* Webroot Internet Security Essentials 6.1.0.145
* ZoneAlarm Extreme Security 9.1.507.000
