CVE-2010-3189

The extSetOwner function in the UfProxyBrowserCtrl ActiveX control (UfPBCtrl.dll) in Trend Micro Internet Security Pro 2010 allows remote attackers to execute arbitrary code via an invalid address that is dereferenced as a pointer.

Published: Aug 31, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-3189
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-94

Affected Software
References

Software	From	Fixed in
trendmicro / internet_security	2010	2010.x

http://esupport.trendmicro.com/pages/Hot-Fix-UfPBCtrldll-is-vulnerable-to-remote-attackers.aspx
http://secunia.com/advisories/41140
http://www.securityfocus.com/archive/1/513327/100/0/threaded
http://www.securitytracker.com/id?1024364
http://www.vupen.com/english/advisories/2010/2185
http://www.zerodayinitiative.com/advisories/ZDI-10-165
https://exchange.xforce.ibmcloud.com/vulnerabilities/61397
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7633

Vulnerability Database

289,697

CVE-2010-3189