5 matches found
EUVD-2008-3865
Malware in sbrugna...
PT-2008-5213 · Unknown · Ultra Office Control
Name of the Vulnerable Software and Affected Versions: Ultra Office Control version 2.0.2008.801 Description: The issue is a stack-based buffer overflow in the Ultra.OfficeControl ActiveX control. This occurs when the strUrl, strFile, and strPostData parameters to the HttpUpload method are overly...
PT-2008-5214 · Ultra · Ultra Office Control
Name of the Vulnerable Software and Affected Versions: Ultra Office Control version 2.0.2008.801 and earlier Description: The issue allows remote attackers to force the download of arbitrary files onto a client system. This is achieved by using a URL in the first argument to the Open method, in...
Ultra Office Control 'Save()'方法任意文件覆写漏洞
BUGTRAQ ID: 30863 CNCAN ID:CNCAN-2008061007 Ultra Office Control是一款用于VB, VB.Net, C或HTML应用程序中的Office ActiveX控件。 Ultra Office Control "Save"方法不正确处理参数数据,远程攻击者可以利用漏洞以应用程序权限覆盖系统任意文件。 "Save"方法接收如下四个参数: Sub Save ByVal SaveAsDocument As Variant , ByVal OverwriteExisting As Variant , ByVal WebUsername As...
Ultra Office Control 'HttpUpload()'方法缓冲区溢出漏洞
BUGTRAQ ID: 30861 CNCAN ID:CNCAN-2008061008 Ultra Office Control是一款用于VB, VB.Net, C或HTML应用程序中的Office ActiveX控件。 Ultra Office Control 'HttpUpload'方法不正确处理参数数据,远程攻击者可以利用漏洞以应用程序权限执行任意代码。 'HttpUpload'方法接收如下三个参数: Function HttpUpload ByVal strUrl As String , ByVal strFile As String , ByVal strPostData As...