Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:4579
HistoryDec 23, 2008 - 12:00 a.m.

Trend Micro HouseCall notifyOnLoadNative()函数任意代码执行漏洞

2008-12-2300:00:00
Root
www.seebug.org
20

EPSS

0.292

Percentile

96.9%

JSON

CVE(CAN) ID: CVE-2008-2435

HouseCall是用于检查计算机是否被病毒、间谍软件感染的应用程序。

HouseCall ActiveX控件(Housecall_ActiveX.dll)中存在使用后释放漏洞,如果用户受骗访问了包含有特制notifyOnLoadNative()回调函数的网页的话,就会引用之前已释放的内存。成功利用这个漏洞允许在用户机器上执行任意代码。

Trend Micro HouseCall Server Edition - 6.6
Trend Micro

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

<a href=“http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1038646&id=EN-1038646” target=“_blank”>http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1038646&id=EN-1038646</a>

Related

prion 1
cert 1
nvd 1
securityvulns 1
cvelist 1
cve 1
checkpoint_advisories 1
kaspersky 1
openvas 2
prion
prion
Design/Logic Flaw
2008-12-23 18:30:00
cert
cert
Trend Micro HouseCall ActiveX control notifyOnLoadNative() uses previously free'd memory
2008-12-25 00:00:00
nvd
nvd
CVE-2008-2435
2008-12-23 18:30:03
securityvulns
securityvulns
[Full-disclosure] Secunia Research: Trend Micro HouseCall &quot;notifyOnLoadNative&#40;&#41;&quot; Vulnerability
2008-12-22 00:00:00
cvelist
cvelist
CVE-2008-2435
2008-12-23 18:13:00
cve
cve
CVE-2008-2435
2008-12-23 18:30:03
checkpoint_advisories
checkpoint_advisories
Update Protection against Trend Micro HouseCall "notifyOnLoadNative()" Vulnerability
2009-01-23 00:00:00
kaspersky
kaspersky
KLA10368 Multiple vulnerabilities in Trend Micro HouseCall
2008-12-23 00:00:00
openvas
openvas
Ubuntu USN-698-1 (nagios)
2009-06-05 00:00:00
Ubuntu USN-698-1 (nagios)
2009-06-05 00:00:00

EPSS

0.292

Percentile

96.9%

JSON
Related for SSV:4579
prion1cert1nvd1securityvulns1cvelist1cve1checkpoint_advisories1kaspersky1openvas2