back to article HouseCall throws a sickie

Users of Trend Micro's HouseCall antivirus scanner need to upgrade following the discovery of a potentially serious security bug. Attentive readers will have have already guessed the vulnerability involves a problem with an ActiveX control, specifically versions 6.51.0.1028 and 6.6.0.1278 of the HouseCall ActiveX Control. Users …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

Pretty obvious, really....

> "The vulnerability is caused by a use-after-free error in the HouseCallActiveX control (Housecall_ActiveX.dll). This can be exploited to dereference previously freed memory by tricking the user into opening a web page containing a specially crafted "notifyOnLoadNative()"callback function."

Beats me why Trend Micro didn't notice the problem before!

0
0
This topic is closed for new posts.

Forums