| Name | Ultra.Office.Vulnerable.Method.ActiveX.Control.Access |
| Last Updated Date | Oct 30, 2008 |
| Release Date | Sep 23, 2008 |
| Severity | High |
| Impact | System Compromise |
| Description | This indicates an attack attempt against a buffer-overflow vulnerability in Ultra Shareware Ultra Office Control.
This vulnerability is caused by a boundary error in the Ultra.OfficeControl ActiveX control when handling parameters received by the "HttpUpload()" or "Save()" method. Remote attackers may exploit this to execute arbitrary code. |
| Affected Products | Ultra Shareware Ultra Office Control 2.0.2008.501 |
| Recommended Actions | Update to the latest version:
http://www.ultrashareware.com/Ultra-Office-Control.htm. |
| Common Vulnerabilities and Exposures (CVE) | http://cve.mitre.org/cgi-bin/cvename.cgi?name=2008-3878
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2008-3879
|
| Reference/s | http://www.securityfocus.com/bid/30861 (BugTraq)
http://www.securityfocus.com/bid/30863 (BugTraq)
|