CVE-2008-3879

CVE-2008-3879 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

The Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 and earlier in Ultra Shareware Ultra Office Control allows remote attackers to force the download of arbitrary files onto a client system via a URL in the first argument to the Open method, in conjunction with a full destination pathname in the first argument (SaveAsDocument argument) to the Save method.

Learn more about our Cis Benchmark Audit For Microsoft Office.