This host is running Ultra Office Control, which is prone to multiple vulnerabilities.

Successful exploitation will allow execution of arbitrary code, stack-based buffer overflow, can overwrite arbitrary files on the vulnerable system by tricking a user into visiting a malicious website. Impact Level : Application

No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. A workaround is to Set a kill bit for the CLSID {00989888-BB72-4E31-A7C6-5F819C24D2F7}

Error exists when handling parameters received by the HttpUpload() and Save() methods in OfficeCtrl.ocx file.

Ultra Office Control 2.x and prior versions on Windows (All).

• http://secunia.com/advisories/31632/
• http://www.juniper.net/security/auto/vulnerabilities/vuln30861.html

---

Updated on 2015-03-25