CVE DATABASE / CVE-2010-3189
CVE-2010-3189
CVSS 9.3 · HIGH
Summary
The extSetOwner function in the UfProxyBrowserCtrl ActiveX control (UfPBCtrl.dll) in Trend Micro Internet Security Pro 2010 allows remote attackers to execute arbitrary code via an invalid address that is dereferenced as a pointer.
CVSS 2.0 breakdown
| Base score | 9.3 (HIGH) |
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
| Attack vector | NETWORK |
| Attack complexity | MEDIUM |
| Confidentiality | COMPLETE |
| Integrity | COMPLETE |
| Availability | COMPLETE |
Weakness type (CWE)
Affected products
Trendmicro internet security
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://esupport.trendmicro.com/pages/Hot-Fix-UfPBCtrldll-is-vulnerable-to-remote-attackers.aspx
- http://secunia.com/advisories/41140
- http://www.securityfocus.com/archive/1/513327/100/0/threaded
- http://www.securitytracker.com/id?1024364
- http://www.vupen.com/english/advisories/2010/2185
- http://www.zerodayinitiative.com/advisories/ZDI-10-165
- https://exchange.xforce.ibmcloud.com/vulnerabilities/61397
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7633
Data: NIST NVD. NVD last modified 2026-04-29. Always verify against the vendor advisory before acting.