Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3878

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-3878
Last Modified 29 Jan 2009 01:54:41
Published 02 Sep 2008 11:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3878

Summary

Stack-based buffer overflow in the Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 in Ultra Shareware Ultra Office Control allows remote attackers to execute arbitrary code via long strUrl, strFile, and strPostData parameters to the HttpUpload method.

Vulnerable Systems

Application

  • Ultrashareware Ultra Office Control 2.0.2008.801


References

XF - uoc-ultraofficecontrol-bo(44749)

MISC - http://www.shinnai.net/xplits/TXT_RvfuIrwypWLMaiVn33Iy.html

MISC - http://www.shinnai.net/index.php?mod=02_Forum&group=Security&argument=Remote_performed_exploits&topic=1219826651.ff.php

BID - 30861

MILW0RM - 6318

SREASON - 4200

SECUNIA - 31632


Last Updated: 27 May 2016 10:48:20