Multiple Office OCX ActiveX Controls 'OpenWebFile()' Arbitrary Program Execution Vulnerability

To exploit this issue, an attacker must entice an unsuspecting victim into viewing a malicious web page.

UPDATE (January 27, 2009): Symantec has detected active exploits of this issue in the wild.

The following example exploits are available:


 

Privacy Statement
Copyright 2010, SecurityFocus