Microsoft Office OCX ActiveX controls OpenWebFile program execution
Added: 01/30/2009BID: 33243
Background
Microsoft Office OCX is a suite of ActiveX document containers to create, open, edit, and print Microsoft Office files.Problem
A vulnerability in multiple Office OCX ActiveX controls allows a web page to execute remote programs using the OpenWebFile method.Resolution
Apply an update when available.References
http://www.securityfocus.com/bid/33243Limitations
Exploit works on Office Viewer OCX 3.2 and requires a user to load the exploit page in Internet Explorer.Platforms
WindowsBack to exploit index