Showing 1 - 1 of 1

CVE-2008-3878

Status Candidate

Overview

Stack-based buffer overflow in the Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 in Ultra Shareware Ultra Office Control allows remote attackers to execute arbitrary code via long strUrl, strFile, and strPostData parameters to the HttpUpload method.

Related Files

Ultra Shareware Office Control ActiveX HttpUpload Buffer Overflow: Posted Mar 5, 2010; Authored by shinnai, jduck | Site metasploit.com; This Metasploit module exploits a stack-based buffer overflow in Ultra Shareware's Office Control. When processing the 'HttpUpload' method, the arguments are concatenated together to form a command line to run a bundled version of cURL. If the command fails to run, a stack-based buffer overflow occurs when building the error message. This is due to the use of sprintf() without proper bounds checking. NOTE: Due to input restrictions, this exploit uses a heap-spray to get the payload into memory unmodified.; tags | exploit, overflow; advisories | CVE-2008-3878; SHA-256 | 8a257918eee93537e405cc218701960973136185e85d5e2b8f61efc33ae7b6b3; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 247 files
indoushka 101 files
Ubuntu 87 files
Gentoo 36 files
Jasper Nota 25 files
Debian 21 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Apple 9 files
Martijn Baalman 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,100)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,775)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,536)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,750)
UNIX (9,437)
UnixWare (187)
Windows (6,674)
Other

CVE-2008-3878

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems