1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Ultra Office HttpUpload ActiveX BO

HTTP Ultra Office HttpUpload ActiveX BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature will detect the attempts to exploit a buffer overflow vulnerability in Ultra Office Activex Control.

Additional Information

Ultra Office Control is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied data.

An attacker can exploit this issue to execute arbitrary code in the context of an application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.

Affected

  • Ultra Office Control 2.0.2008.501 is vulnerable; other versions may also be affected.

Response

Download and install all vendor patches related to this vulnerability.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube