Ultra Shareware Office Control ActiveX HttpUpload Buffer Overflow

No description provided by source. $Id: ultraofficehttpupload.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

Ultra Shareware Office Control - ActiveX HttpUpload Buffer Overflow (Metasploit)

$Id: ultraofficehttpupload.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Ultra Shareware Office Control ActiveX HttpUpload Buffer Overflow

This module exploits a stack-based buffer overflow in Ultra Shareware's Office Control. When processing the 'HttpUpload' method, the arguments are concatenated together to form a command line to run a bundled version of cURL. If the command fails to run, a stack-based buffer overflow occurs when...

Stack overflow

Stack-based buffer overflow in the Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 in Ultra Shareware Ultra Office Control allows remote attackers to execute arbitrary code via long strUrl, strFile, and strPostData parameters to the HttpUpload method...

CVE-2008-3878

Stack-based buffer overflow in the Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 in Ultra Shareware Ultra Office Control allows remote attackers to execute arbitrary code via long strUrl, strFile, and strPostData parameters to the HttpUpload method...

Ultra Office Control 'HttpUpload()'方法缓冲区溢出漏洞

BUGTRAQ ID: 30861 CNCAN ID：CNCAN-2008061008 Ultra Office Control是一款用于VB, VB.Net, C或HTML应用程序中的Office ActiveX控件。 Ultra Office Control 'HttpUpload'方法不正确处理参数数据，远程攻击者可以利用漏洞以应用程序权限执行任意代码。 'HttpUpload'方法接收如下三个参数： Function HttpUpload ByVal strUrl As String , ByVal strFile As String , ByVal strPostData As...