CVE-2008-3879

Ultra Office Control 2.0.2008.801 - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-3879. PoCs published by shinnai.

AI-analyzed exploit summary This exploit leverages an arbitrary file corruption vulnerability in the Ultra Office ActiveX control. It allows an attacker to overwrite files on the victim's system by tricking them into clicking a button, which then downloads a file from a remote URL and saves it to a specified local path.

Description

The Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 and earlier in Ultra Shareware Ultra Office Control allows remote attackers to force the download of arbitrary files onto a client system via a URL in the first argument to the Open method, in conjunction with a full destination pathname in the first argument (SaveAsDocument argument) to the Save method.

Exploits (1)

exploitdb WORKING POC VERIFIED

by shinnai · htmldoswindows

https://www.exploit-db.com/exploits/6319

View Code ZIP pw:eip

This exploit leverages an arbitrary file corruption vulnerability in the Ultra Office ActiveX control. It allows an attacker to overwrite files on the victim's system by tricking them into clicking a button, which then downloads a file from a remote URL and saves it to a specified local path.

Classification

Working Poc 90%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Ultra Office ActiveX Control

No auth needed

Prerequisites: Victim must visit a malicious webpage and click a button · Ultra Office ActiveX control must be installed and enabled

MITRE ATT&CK