Vulnerability Description
Stack-based buffer overflow in the Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 in Ultra Shareware Ultra Office Control allows remote attackers to execute arbitrary code via long strUrl, strFile, and strPostData parameters to the HttpUpload method.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ultrashareware | Ultra Office Control | 2.0.2008.801 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/31632Vendor Advisory
- http://securityreason.com/securityalert/4200
- http://www.securityfocus.com/bid/30861
- http://www.shinnai.net/index.php?mod=02_Forum&group=Security&argument=Remote_perURL Repurposed
- http://www.shinnai.net/xplits/TXT_RvfuIrwypWLMaiVn33Iy.htmlExploitURL Repurposed
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44749
- https://www.exploit-db.com/exploits/6318
- http://secunia.com/advisories/31632Vendor Advisory
- http://securityreason.com/securityalert/4200
- http://www.securityfocus.com/bid/30861
- http://www.shinnai.net/index.php?mod=02_Forum&group=Security&argument=Remote_perURL Repurposed
- http://www.shinnai.net/xplits/TXT_RvfuIrwypWLMaiVn33Iy.htmlExploitURL Repurposed
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44749
- https://www.exploit-db.com/exploits/6318
FAQ
What is CVE-2008-3878?
CVE-2008-3878 is a vulnerability with a CVSS score of 9.3 (HIGH). Stack-based buffer overflow in the Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 in Ultra Shareware Ultra Office Control allows remote attackers to execute arbitrary code via long...
How severe is CVE-2008-3878?
CVE-2008-3878 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-3878?
Check the references section above for vendor advisories and patch information. Affected products include: Ultrashareware Ultra Office Control.