1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Ultra Office Control ActiveX File Overwrite

HTTP Ultra Office Control ActiveX File Overwrite

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects a file overwrite vulnerability in the Ultra Office Control.

Additional Information

Ultra Office Control is an ActiveX control that allows users to open, view and edit Microsoft Office documents in a web browser.

Ultra Office Control is prone to a vulnerability that lets attackers overwrite files. This issue affects the 'Save()' method of the 'OfficeCtrl.ocx' ActiveX control identified by CLSID:00989888-BB72-4e31-A7C6-5F819C24D2F7. Specifically, using the 'SaveAsDocument' document, attackers can overwrite arbitrary files on the affected computer.

Successful exploits may allow attackers to compromise affected computers.


  • Ultra Office Control 2.0.2008.501 is vulnerable; other versions may also be affected.


Download and install all vendor patches related to this vulnerability.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube