CVE-2010-3189: Code Injection
First published: Tue Aug 31 2010(Updated: )
The extSetOwner function in the UfProxyBrowserCtrl ActiveX control (UfPBCtrl.dll) in Trend Micro Internet Security Pro 2010 allows remote attackers to execute arbitrary code via an invalid address that is dereferenced as a pointer.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Trendmicro Internet Security | =2010 |
Remedy
http://esupport.trendmicro.com/pages/Hot-Fix-UfPBCtrldll-is-vulnerable-to-remote-attackers.aspx
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://secunia.com/advisories/41140
- http://esupport.trendmicro.com/pages/Hot-Fix-UfPBCtrldll-is-vulnerable-to-remote-attackers.aspx
- http://www.securitytracker.com/id?1024364
- http://www.zerodayinitiative.com/advisories/ZDI-10-165
- http://www.vupen.com/english/advisories/2010/2185
- https://exchange.xforce.ibmcloud.com/vulnerabilities/61397
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7633
- http://www.securityfocus.com/archive/1/513327/100/0/threaded
- collector/nvd-historical
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/author
- agent/references
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/remedy
- agent/description
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/trendmicro
- canonical/trendmicro internet security
- version/trendmicro internet security/2010