Lucene search
K

3 matches found

CVE
CVE
added 2008/12/23 6:13 p.m.53 views

CVE-2008-2435

CVE-2008-2435 is a use-after-free vulnerability in Trend Micro HouseCall ActiveX control, affecting versions 6.51.0.1028 and 6.6.0.1278 (Housecall_ActiveX.dll). The flaw allows a remote attacker to execute arbitrary code by tricking a user into loading a specially crafted page calling notifyOnLoa...

9.3CVSS7.7AI score0.06998EPSS
Exploits1References10Affected Software1
seebug.org
seebug.org
added 2008/12/23 12:0 a.m.42 views

Trend Micro HouseCall notifyOnLoadNative()函数任意代码执行漏洞

CVECAN ID: CVE-2008-2435 HouseCall是用于检查计算机是否被病毒、间谍软件感染的应用程序。 HouseCall ActiveX控件(HousecallActiveX.dll)中存在使用后释放漏洞,如果用户受骗访问了包含有特制notifyOnLoadNative回调函数的网页的话,就会引用之前已释放的内存。成功利用这个漏洞允许在用户机器上执行任意代码。 Trend Micro HouseCall Server Edition - 6.6 Trend Micro ----------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

9.3CVSS6.4AI score0.06998EPSS
Exploits1
securityvulns
securityvulns
added 2008/12/22 12:0 a.m.41 views

[Full-disclosure] Secunia Research: Trend Micro HouseCall "notifyOnLoadNative()" Vulnerability

====================================================================== Secunia Research 21/12/2008 - Trend Micro HouseCall "notifyOnLoadNative" Vulnerability - ====================================================================== Table of Contents Affected...

9.3CVSS0.4AI score0.06998EPSS
Exploits1
Rows per page
Query Builder