CVE-2009-0686 Information

Description

The TrendMicro Activity Monitor Module (tmactmon.sys) 2.52.0.1002 in Trend Micro Internet Pro 2008 and 2009 and Security Pro 2008 and 2009 allows local users to gain privileges via a crafted IRP in a METHOD_NEITHER IOCTL request to \Device\tmactmon that overwrites memory.

Reference

http://en.securitylab.ru/lab/PT-2009-09 http://milw0rm.com/sploits/2009-trendmicro_local_expl_0day.zip http://www.securityfocus.com/archive/1/502314/100/0/threaded http://www.securityfocus.com/bid/34304 http://www.securitytracker.com/id?1021955 https://exchange.xforce.ibmcloud.com/vulnerabilities/49513 https://www.exploit-db.com/exploits/8322