CVE-2010-3189
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
99.5%
The extSetOwner function in the UfProxyBrowserCtrl ActiveX control (UfPBCtrl.dll) in Trend Micro Internet Security Pro 2010 allows remote attackers to execute arbitrary code via an invalid address that is dereferenced as a pointer.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| trendmicro | internet_security | 2010 | cpe:2.3:a:trendmicro:internet_security:2010:-:pro:*:*:*:*:* |
References
esupport.trendmicro.com/pages/Hot-Fix-UfPBCtrldll-is-vulnerable-to-remote-attackers.aspx
secunia.com/advisories/41140
www.securityfocus.com/archive/1/513327/100/0/threaded
www.securitytracker.com/id?1024364
www.vupen.com/english/advisories/2010/2185
www.zerodayinitiative.com/advisories/ZDI-10-165
exchange.xforce.ibmcloud.com/vulnerabilities/61397
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7633
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
99.5%