UUSee UUUpgrade ActiveX Control 'Update' Method Arbitrary File Download Vulnerability

info
discussion
exploit
solution
references

UUSee UUUpgrade ActiveX Control 'Update' Method Arbitrary File Download Vulnerability

To exploit this issue, an attacker must entice an unsuspecting user to view a malicious webpage.

NOTE: Symantec has discovered evidence of active exploits in the wild.

The following exploit code is available:

/data/vulnerabilities/exploits/29963.html