Trend Micro Internet Security Pro 'UfPBCtrl.dll' Code Execution Vulnerability

Summary
This host is installed with Trend Micro Internet Security Pro and is prone to code execution vulnerability.
Impact
Successful exploitation could allow remote attackers to execute arbitrary code on the system with the privileges of the victim. Impact Level: Application
Solution
Apply hotfix http://solutionfile.trendmicro.com/solutionfile/EN-1056426/TISPro_1750_win_en_hfb1695.exe ***** NOTE: Ignore this warning if above mentioned patch is already applied. *****
Insight
The flaw is caused by an error in the 'extSetOwner()' function within the 'UfPBCtrl.dll' ActiveX control when processing user-supplied parameters, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
Affected
Trend Micro Internet Security Pro 2010
References