CVE-2008-7168 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2008-7168

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Insecure method vulnerability in the UUSee UUUpgrade ActiveX control (UUUpgrade.ocx 3.0.2.12) allows remote attackers to force the download and overwrite of arbitrary files via crafted arguments to the Update method, as exploited in the wild in June 2009.

Affected Software

Name	Vendor	Start Version	End Version
Uusee	Uusee	4.0.0.32_2008 (including)	4.0.0.32_2008 (including)
Uuupgrade.ocx	Uusee	3.0.2.12 (including)	3.0.2.12 (including)

References

http://downloads.securityfocus.com/vulnerabilities/exploits/29963.html
http://www.securityfocus.com/bid/29963
https://exchange.xforce.ibmcloud.com/vulnerabilities/43428
http://downloads.securityfocus.com/vulnerabilities/exploits/29963.html
http://www.securityfocus.com/bid/29963
https://exchange.xforce.ibmcloud.com/vulnerabilities/43428