CVE-2008-3866

CVE-2008-3866 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, relies on client-side password protection implemented in the configuration GUI, which allows local users to bypass intended access restrictions and change firewall settings by using a modified client to send crafted packets.

Learn more about our Cis Benchmark Audit For Microsoft Office.