1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: TrendMicro Internet Security CVE-2010-3189

Attack: TrendMicro Internet Security CVE-2010-3189

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempt to exploit a remote code execution vulnerability in TrendMicro Internet Security

Additional Information

Trend Micro Internet Security Pro is a software security suite.

Trend Micro Internet Security Pro is prone to a remote code-execution vulnerability that affects the 'extSetOwner()' method of the 'UfPBCtrl.dll' ActiveX control. Specifically, the application fails to validate the input passed to the affected method of ActiveX control identified by CLSID:

15DBC3F9-9F0A-472E-8061-043D9CEC52F0

An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage.

Successful exploits will allow the attacker to execute arbitrary code within the context of the application (typically Internet Explorer) that uses the ActiveX control.

Trend Micro Internet Security Pro 2010 is vulnerable; other versions may also be affected.

Affected

  • Trend Micro Internet Security Pro 2010 is vulnerable; other versions may also be affected.

Response

There is an hotfix that is available on the product website for this vulnerability
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube