Lucene search

[email protected]CVE-2008-3878

HistorySep 02, 2008 - 3:41 p.m.

CVE-2008-3878

2008-09-0215:41:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-3878

ultra.officecontrol

activex

buffer overflow

security vulnerability

remote code execution

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

Low

0.9 High

EPSS

Percentile

98.8%

JSON

Stack-based buffer overflow in the Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 in Ultra Shareware Ultra Office Control allows remote attackers to execute arbitrary code via long strUrl, strFile, and strPostData parameters to the HttpUpload method.

Affected configurations

NVD

Node

ultrasharewareultra_office_controlMatch2.0.2008.801

CPENameOperatorVersion
ultrashareware:ultra_office_controlultrashareware ultra office controleq2.0.2008.801

CPE	Name	Operator	Version
ultrashareware:ultra_office_control	ultrashareware ultra office control	eq	2.0.2008.801

References

secunia.com/advisories/31632

securityreason.com/securityalert/4200

www.securityfocus.com/bid/30861

www.shinnai.net/index.php?mod=02_Forum&group=Security&argument=Remote_performed_exploits&topic=1219826651.ff.php

www.shinnai.net/xplits/TXT_RvfuIrwypWLMaiVn33Iy.html

exchange.xforce.ibmcloud.com/vulnerabilities/44749

www.exploit-db.com/exploits/6318

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

Low

0.9 High

EPSS

Percentile

98.8%

JSON

Related for CVE-2008-3878

packetstorm1 prion1 cvelist1 nvd1 openvas2