Vulnerabilities > CVE-2008-7168 - Unspecified vulnerability in Uusee and Uuupgrade.Ocx
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN uusee
exploit available
Summary
Insecure method vulnerability in the UUSee UUUpgrade ActiveX control (UUUpgrade.ocx 3.0.2.12) allows remote attackers to force the download and overwrite of arbitrary files via crafted arguments to the Update method, as exploited in the wild in June 2009.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
| description | UUSee 2008 UUUpgrade ActiveX Control 'Update' Method Arbitrary File Download Vulnerability. CVE-2008-7168. Remote exploit for windows platform |
| id | EDB-ID:31980 |
| last seen | 2016-02-03 |
| modified | 2008-06-26 |
| published | 2008-06-26 |
| reporter | Symantec |
| source | https://www.exploit-db.com/download/31980/ |
| title | UUSee 2008 UUUpgrade ActiveX Control 'Update' Method Arbitrary File Download Vulnerability |
References
- http://downloads.securityfocus.com/vulnerabilities/exploits/29963.html
- http://downloads.securityfocus.com/vulnerabilities/exploits/29963.html
- http://www.securityfocus.com/bid/29963
- http://www.securityfocus.com/bid/29963
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43428
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43428