Vulnerabilities > CVE-2008-7168 - Unspecified vulnerability in Uusee and Uuupgrade.Ocx
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Insecure method vulnerability in the UUSee UUUpgrade ActiveX control (UUUpgrade.ocx 3.0.2.12) allows remote attackers to force the download and overwrite of arbitrary files via crafted arguments to the Update method, as exploited in the wild in June 2009.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description | UUSee 2008 UUUpgrade ActiveX Control 'Update' Method Arbitrary File Download Vulnerability. CVE-2008-7168. Remote exploit for windows platform |
id | EDB-ID:31980 |
last seen | 2016-02-03 |
modified | 2008-06-26 |
published | 2008-06-26 |
reporter | Symantec |
source | https://www.exploit-db.com/download/31980/ |
title | UUSee 2008 UUUpgrade ActiveX Control 'Update' Method Arbitrary File Download Vulnerability |