9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.1 High
AI Score
Confidence
Low
0.9 High
EPSS
Percentile
98.8%
Stack-based buffer overflow in the Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 in Ultra Shareware Ultra Office Control allows remote attackers to execute arbitrary code via long strUrl, strFile, and strPostData parameters to the HttpUpload method.
CPE | Name | Operator | Version |
---|---|---|---|
ultrashareware:ultra_office_control | ultrashareware ultra office control | eq | 2.0.2008.801 |
secunia.com/advisories/31632
securityreason.com/securityalert/4200
www.securityfocus.com/bid/30861
www.shinnai.net/index.php?mod=02_Forum&group=Security&argument=Remote_performed_exploits&topic=1219826651.ff.php
www.shinnai.net/xplits/TXT_RvfuIrwypWLMaiVn33Iy.html
exchange.xforce.ibmcloud.com/vulnerabilities/44749
www.exploit-db.com/exploits/6318