The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call.Referenceshttp://www.greyhathacker.net/?p=818http://www.exploit-db.com/exploits/35962http://esupport.trendmicro.com/en-us/home/pages/technical-support/1106233.aspxhttp://www.osvdb.org/115514
