Intrusion PreventionMS.Office.2000.UA.OUACTRL.OCX.ActiveX.Control.Access
Description
This indicates a vulnerability in the Microsoft Office 2000 UA OUACTRL.OCX ActiveX Control. This vulnerability is caused by a buffer overflow in the HelpPopup method. It allows remote attackers to cause a denial of service or execute arbitrary code in the context of the application using the ActiveX control.
Affected Products
Microsoft Office 2000 Multilanguage Packs 0
Microsoft Office 2000 Korean Version
Microsoft Office 2000 Japanese Version
Microsoft Office 2000 Chinese Version
Microsoft Office 2000 SP3
Microsoft Office 2000 SP1
Microsoft Office 2000
Microsoft Internet Explorer for Unix SP2
Impact
System compromise, remote code execution.
Recommended Actions
Apply patch, available from the Web site:
Microsoft Office 2000
Microsoft uactlsec.exe
http://www.microsoft.com/downloads/details.aspx?FamilyID=1e9388cc-76fa -40cf-a84a-6284f5a15533&DisplayLang=en
Microsoft Office 2000 SP1
Microsoft uactlsec.exe
http://www.microsoft.com/downloads/details.aspx?FamilyID=1e9388cc-76fa -40cf-a84a-6284f5a15533&DisplayLang=en
Microsoft Office 2000 SP3
Microsoft uactlsec.exe
http://www.microsoft.com/downloads/details.aspx?FamilyID=1e9388cc-76fa -40cf-a84a-6284f5a15533&DisplayLang=en
Microsoft Internet Explorer for Unix SP2
Microsoft uactlsec.exe
http://www.microsoft.com/downloads/details.aspx?FamilyID=1e9388cc-76fa -40cf-a84a-6284f5a15533&DisplayLang=en
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 14733 |
| Created | Jul 04, 2007 |
| Updated | Jan 13, 2022 |
| Risk |
|
| CVE ID | CVE-2007-2903 |
| Exploit Prediction Score | 42.61% |
| Default Action | pass |
| Active | |
| Affected OS | Windows |
| Affected App | MS_Office |