CVE-2008-3878

Stack-based buffer overflow in the Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 in Ultra Shareware Ultra Office Control allows remote attackers to execute arbitrary code via long strUrl, strFile, and strPostData parameters to the HttpUpload method.
Configurations

Configuration 1 (hide)

cpe:2.3:a:ultrashareware:ultra_office_control:2.0.2008.801:*:*:*:*:*:*:*

History

21 Nov 2024, 00:50

Type Values Removed Values Added
References () http://secunia.com/advisories/31632 - Vendor Advisory () http://secunia.com/advisories/31632 - Vendor Advisory
References () http://securityreason.com/securityalert/4200 - () http://securityreason.com/securityalert/4200 -
References () http://www.securityfocus.com/bid/30861 - () http://www.securityfocus.com/bid/30861 -
References () http://www.shinnai.net/index.php?mod=02_Forum&group=Security&argument=Remote_performed_exploits&topic=1219826651.ff.php - URL Repurposed () http://www.shinnai.net/index.php?mod=02_Forum&group=Security&argument=Remote_performed_exploits&topic=1219826651.ff.php - URL Repurposed
References () http://www.shinnai.net/xplits/TXT_RvfuIrwypWLMaiVn33Iy.html - Exploit, URL Repurposed () http://www.shinnai.net/xplits/TXT_RvfuIrwypWLMaiVn33Iy.html - Exploit, URL Repurposed
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/44749 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/44749 -
References () https://www.exploit-db.com/exploits/6318 - () https://www.exploit-db.com/exploits/6318 -

14 Feb 2024, 01:17

Type Values Removed Values Added
References (MISC) http://www.shinnai.net/xplits/TXT_RvfuIrwypWLMaiVn33Iy.html - Exploit (MISC) http://www.shinnai.net/xplits/TXT_RvfuIrwypWLMaiVn33Iy.html - Exploit, URL Repurposed
References (MISC) http://www.shinnai.net/index.php?mod=02_Forum&group=Security&argument=Remote_performed_exploits&topic=1219826651.ff.php - (MISC) http://www.shinnai.net/index.php?mod=02_Forum&group=Security&argument=Remote_performed_exploits&topic=1219826651.ff.php - URL Repurposed

Information

Published : 2008-09-02 15:41

Updated : 2024-11-21 00:50


NVD link : CVE-2008-3878

Mitre link : CVE-2008-3878

CVE.ORG link : CVE-2008-3878


JSON object : View

Products Affected

ultrashareware

  • ultra_office_control
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer