CVE-2010-3189

Trend Micro Internet Security Pro 2010 - RCE

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2010-3189. PoCs published by Trancer, including Metasploit module exploits/windows/browser/trendmicro_extsetowner.

AI-analyzed exploit summary This is a Metasploit module exploiting a remote code execution vulnerability in Trend Micro Internet Security Pro 2010 ActiveX control via the extSetOwner() function. It uses a heap spray technique to achieve reliable exploitation.

Description

The extSetOwner function in the UfProxyBrowserCtrl ActiveX control (UfPBCtrl.dll) in Trend Micro Internet Security Pro 2010 allows remote attackers to execute arbitrary code via an invalid address that is dereferenced as a pointer.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Trancer · rubyremotewindows
https://www.exploit-db.com/exploits/15168

This is a Metasploit module exploiting a remote code execution vulnerability in Trend Micro Internet Security Pro 2010 ActiveX control via the extSetOwner() function. It uses a heap spray technique to achieve reliable exploitation.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Trend Micro Internet Security Pro 2010 (UfPBCtrl.dll 17.50.0.1366)
No auth needed
Prerequisites: Victim must visit a malicious webpage using Internet Explorer with the vulnerable ActiveX control installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC NORMAL
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/trendmicro_extsetowner.rb

This Metasploit module exploits a remote code execution vulnerability in Trend Micro Internet Security Pro 2010 by leveraging an invalid pointer in the extSetOwner() function of UfPBCtrl.dll. It uses a heap spray technique to achieve reliable exploitation via a malicious HTML page.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Trend Micro Internet Security Pro 2010 (UfPBCtrl.dll 17.50.0.1366)
No auth needed
Prerequisites: Victim must visit a malicious webpage using Internet Explorer 6/7 · ActiveX controls must be enabled
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (8)

Core 8
Core References
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-10-165
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/513327/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1024364
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7633
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/41140
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/2185
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/61397

Scores

EPSS 0.3922
EPSS Percentile 98.4%

Details

CWE
CWE-94
Status published
Products (1)
trendmicro/internet_security 2010
Published Aug 31, 2010
Tracked Since Feb 18, 2026