CVE-2008-7168
Insecure method vulnerability in the UUSee UUUpgrade ActiveX control (UUUpgrade.ocx 3.0.2.12) allows remote attackers to force the download and...
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- September 07, 2009
- Published Date
- September 08, 2009
- Last Updated
- August 07, 2024
- Vendor
- UUSee
- Product
- UUUpgrade ActiveX control
- Description
- Insecure method vulnerability in the UUSee UUUpgrade ActiveX control (UUUpgrade.ocx 3.0.2.12) allows remote attackers to force the download and overwrite of arbitrary files via crafted arguments to the Update method, as exploited in the wild in June 2009.
CVSS Scores
CVSS v2.0
9.3
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploit Status
- Exploited in the Wild
- Yes (2009-09-08 10:00:00 UTC) Source
References
Known Exploited Vulnerability Information
Source | Added Date |
---|---|
CVE | 2009-09-08 10:00:00 UTC |
Timeline
-
CVE ID Reserved
-
CVE Published to Public
-
Added to KEVIntel