CVE-2010-3189 Information

Description

The extSetOwner function in the UfProxyBrowserCtrl ActiveX control (UfPBCtrl.dll) in Trend Micro Internet Security Pro 2010 allows remote attackers to execute arbitrary code via an invalid address that is dereferenced as a pointer.

Reference

http://esupport.trendmicro.com/pages/Hot-Fix-UfPBCtrldll-is-vulnerable-to-remote-attackers.aspx http://secunia.com/advisories/41140 http://www.securityfocus.com/archive/1/513327/100/0/threaded http://www.securitytracker.com/id?1024364 http://www.vupen.com/english/advisories/2010/2185 http://www.zerodayinitiative.com/advisories/ZDI-10-165 https://exchange.xforce.ibmcloud.com/vulnerabilities/61397 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A7633