CVE-2007-0856

Name: CVE-2007-0856
Creator: NVD / NIST
Published: 2007-02-08T18:28:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.95%

Last modified Jun 16, 2026

CVE-2007-0856 is a vulnerability of currently unknown severity. TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (RCM), with the VsapiNI.sys 3.320.0.1003 scan engine, as used in Trend Micro PC-cillin Internet Security 2007, Antivirus 2007, Anti-Spyware for SMB 3.2 SP1, Anti-Spyware for Consumer 3.5, Anti-Spyware for Enterprise 3.0 SP2, Client / Server / Messaging Security for SMB 3.5, Damage Cleanup Services 3.2, and possibly other products, assigns Everyone write permission for the \\.\TmComm DOS device interface, which allows local users to access privileged IOCTLs and execute arbitrary code or overwrite arbitrary memory in the kernel context.. EPSS estimates a 0.95% chance of exploitation in the next 30 days.

Description

TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (RCM), with the VsapiNI.sys 3.320.0.1003 scan engine, as used in Trend Micro PC-cillin Internet Security 2007, Antivirus 2007, Anti-Spyware for SMB 3.2 SP1, Anti-Spyware for Consumer 3.5, Anti-Spyware for Enterprise 3.0 SP2, Client / Server / Messaging Security for SMB 3.5, Damage Cleanup Services 3.2, and possibly other products, assigns Everyone write permission for the \\.\TmComm DOS device interface, which allows local users to access privileged IOCTLs and execute arbitrary code or overwrite arbitrary memory in the kernel context.

Metrics

EPSS Probability

0.95%

56.6th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Trend Micro	Client-Server-Messaging Security	3.5
Trend Micro	Damage Cleanup Services	3.2
Trend Micro	Pc-Cillin Internet Security	2007
Trend Micro	Tmcomm.Sys	1.5.1052
Trend Micro	Trend Micro Antirootkit Common Module	All versions
Trend Micro	Trend Micro Antispyware	3.0_sp2
Trend Micro	Trend Micro Antispyware	3.2_sp1
Trend Micro	Trend Micro Antispyware	3.5
Trend Micro	Trend Micro Antivirus	2007
Trend Micro	Vsapini.Sys	3.320.1003

References

http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034432&id=EN-1034432Patch
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=469Vendor Advisory
http://osvdb.org/33039
http://secunia.com/advisories/24069Patch, Vendor Advisory
http://securitytracker.com/id?1017604
http://securitytracker.com/id?1017605
http://securitytracker.com/id?1017606
http://www.kb.cert.org/vuls/id/282240US Government Resource
http://www.kb.cert.org/vuls/id/666800US Government Resource
http://www.securityfocus.com/bid/22448
http://www.vupen.com/english/advisories/2007/0521
https://exchange.xforce.ibmcloud.com/vulnerabilities/32353
http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034432&id=EN-1034432Patch
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=469Vendor Advisory
http://osvdb.org/33039
http://secunia.com/advisories/24069Patch, Vendor Advisory
http://securitytracker.com/id?1017604
http://securitytracker.com/id?1017605
http://securitytracker.com/id?1017606
http://www.kb.cert.org/vuls/id/282240US Government Resource
http://www.kb.cert.org/vuls/id/666800US Government Resource
http://www.securityfocus.com/bid/22448
http://www.vupen.com/english/advisories/2007/0521
https://exchange.xforce.ibmcloud.com/vulnerabilities/32353

Timeline

Published: Feb 8, 2007
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2007-0856?

How severe is CVE-2007-0856?

Severity scoring for CVE-2007-0856 is pending analysis. The EPSS model estimates a 0.95% probability of exploitation in the next 30 days.

How do I fix CVE-2007-0856?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2007-0856?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST