CVE-2008-7168

EXPLOITED IN THE WILD

UUSee UUUpgrade <3.0.2.12 - Code Injection

Title source: llm

Description

Insecure method vulnerability in the UUSee UUUpgrade ActiveX control (UUUpgrade.ocx 3.0.2.12) allows remote attackers to force the download and overwrite of arbitrary files via crafted arguments to the Update method, as exploited in the wild in June 2009.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Symantec · htmlremotewindows
https://www.exploit-db.com/exploits/31980

References (3)

Scores

EPSS 0.0207
EPSS Percentile 84.0%

Details

VulnCheck KEV 2009-09-08
InTheWild.io 2017-08-17
Status published
Products (2)
uusee/uusee 4.0.0.32_2008
uusee/uuupgrade.ocx 3.0.2.12
Published Sep 08, 2009
Tracked Since Feb 18, 2026