Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Trend OfficeScan Corporate Edition 5.58 and possibly earler does not drop privileges when opening a help window from a virus detection pop-up window, which allows local users to gain SYSTEM privileges.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Trend Micro OfficeScan本地权限提升漏洞
Vulnerability Description
Trend OfficeScan是一款企业级反病毒程序。 Trend OfficeScan的"OfficeScan Client"实现存在问题,本地攻击者可以利用这个漏洞提升权限。 当Trend OfficeScan发现病毒后,"OfficeScan Client"窗口会显示发现病毒,这个窗口属于"OfficeScanNT RealTime Scan"服务,点击帮助按钮就可以以officescan服务进程启动winhlp32.exe,利用winhlp32.exe就可能以系统权限运行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A