CVE-2008-3878

Stack-based buffer overflow in the Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 in Ultra Shareware Ultra Office Control allows remote attackers to execute arbitrary code via long strUrl, strFile, and strPostData parameters to the HttpUpload method.

Published: Sep 2, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-3878
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
ultrashareware / ultra_office_control	2.0.2008.801	2.0.2008.801.x

http://secunia.com/advisories/31632
http://securityreason.com/securityalert/4200
http://www.securityfocus.com/bid/30861
http://www.shinnai.net/index.php?mod=02_Forum&group=Security&argument=Remote_performed_exploits&topic=1219826651.ff.php
http://www.shinnai.net/xplits/TXT_RvfuIrwypWLMaiVn33Iy.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/44749
https://www.exploit-db.com/exploits/6318

Vulnerability Database

290,020

CVE-2008-3878