9.3

CVE-2008-2435

Use-after-free vulnerability in the Trend Micro HouseCall ActiveX control 6.51.0.1028 and 6.6.0.1278 in Housecall_ActiveX.dll allows remote attackers to execute arbitrary code via a crafted notifyOnLoadNative callback function.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Trend MicroHousecall Version6.6.0.1278
Trend MicroHousecall Version6.51.0.1028
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 7% 0.933
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1038646&id=EN-1038646
Vendor Advisory
http://www.vupen.com/english/advisories/2008/3464
http://secunia.com/advisories/31583
Vendor Advisory
http://secunia.com/secunia_research/2008-34/
Vendor Advisory
http://securitytracker.com/id?1021481
http://www.kb.cert.org/vuls/id/702628
US Government Resource
http://www.osvdb.org/50843
http://www.securityfocus.com/archive/1/499478/100/0/threaded
http://www.securityfocus.com/bid/32950
https://exchange.xforce.ibmcloud.com/vulnerabilities/47523