Unrated severityNVD Advisory· Published Sep 8, 2009· Updated Apr 23, 2026

CVE-2008-7168

Description

Insecure method vulnerability in the UUSee UUUpgrade ActiveX control (UUUpgrade.ocx 3.0.2.12) allows remote attackers to force the download and overwrite of arbitrary files via crafted arguments to the Update method, as exploited in the wild in June 2009.

Affected products

Uusee/Uusee
cpe:2.3:a:uusee:uusee:4.0.0.32_2008:*:*:*:*:*:*:*
Uusee/Uuupgrade.ocx
cpe:2.3:a:uusee:uuupgrade.ocx:3.0.2.12:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

downloads.securityfocus.com/vulnerabilities/exploits/29963.htmlnvdExploit
www.securityfocus.com/bid/29963nvdExploit
exchange.xforce.ibmcloud.com/vulnerabilities/43428nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000