Multiple Office OCX ActiveX Controls 'Save()' Arbitrary File Overwrite Vulnerability

Multiple Office OCX ActiveX Controls 'Save()' Arbitrary File Overwrite Vulnerability

To exploit this issue, an attacker must entice an unsuspecting victim into viewing a malicious web page.

The following example exploit code is available:

/data/vulnerabilities/exploits/33238_powerpoint.html
/data/vulnerabilities/exploits/33238_office.html
/data/vulnerabilities/exploits/33238_word.html