Vulnerability Description
The extSetOwner function in the UfProxyBrowserCtrl ActiveX control (UfPBCtrl.dll) in Trend Micro Internet Security Pro 2010 allows remote attackers to execute arbitrary code via an invalid address that is dereferenced as a pointer.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Trendmicro | Internet Security | 2010 |
Related Weaknesses (CWE)
References
- http://esupport.trendmicro.com/pages/Hot-Fix-UfPBCtrldll-is-vulnerable-to-remotePatchVendor Advisory
- http://secunia.com/advisories/41140Vendor Advisory
- http://www.securityfocus.com/archive/1/513327/100/0/threaded
- http://www.securitytracker.com/id?1024364
- http://www.vupen.com/english/advisories/2010/2185Vendor Advisory
- http://www.zerodayinitiative.com/advisories/ZDI-10-165
- https://exchange.xforce.ibmcloud.com/vulnerabilities/61397
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://esupport.trendmicro.com/pages/Hot-Fix-UfPBCtrldll-is-vulnerable-to-remotePatchVendor Advisory
- http://secunia.com/advisories/41140Vendor Advisory
- http://www.securityfocus.com/archive/1/513327/100/0/threaded
- http://www.securitytracker.com/id?1024364
- http://www.vupen.com/english/advisories/2010/2185Vendor Advisory
- http://www.zerodayinitiative.com/advisories/ZDI-10-165
- https://exchange.xforce.ibmcloud.com/vulnerabilities/61397
FAQ
What is CVE-2010-3189?
CVE-2010-3189 is a vulnerability with a CVSS score of 9.3 (HIGH). The extSetOwner function in the UfProxyBrowserCtrl ActiveX control (UfPBCtrl.dll) in Trend Micro Internet Security Pro 2010 allows remote attackers to execute arbitrary code via an invalid address tha...
How severe is CVE-2010-3189?
CVE-2010-3189 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-3189?
Check the references section above for vendor advisories and patch information. Affected products include: Trendmicro Internet Security.