CVE-2008-3878
Ultra Office Control <2.0.2008.801 - Buffer Overflow
Title source: llmDescription
Stack-based buffer overflow in the Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 in Ultra Shareware Ultra Office Control allows remote attackers to execute arbitrary code via long strUrl, strFile, and strPostData parameters to the HttpUpload method.
Exploits (3)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16513
exploitdb
WORKING POC
VERIFIED
by shinnai · htmlremotewindows
https://www.exploit-db.com/exploits/6318
metasploit
WORKING POC
GOOD
by shinnai, jduck · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ultraoffice_httpupload.rb
References (7)
Scores
EPSS
0.7193
EPSS Percentile
98.8%
Details
CWE
CWE-119
Status
published
Products (1)
ultrashareware/ultra_office_control
2.0.2008.801
Published
Sep 02, 2008
Tracked Since
Feb 18, 2026