Back to search
CVE-2007-3169
Published: Jun 11, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Buffer overflow in a certain ActiveX control in the EDraw Office Viewer Component (edrawofficeviewer.ocx) 4.0.5.20, and other versions before 5.0, allows remote attackers to cause a denial of service (Internet Explorer 7 crash) or execute arbitrary code via a long first argument to the HttpDownloadFile method.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2007-1992
vdb-entry
x_refsource_VUPEN
4009
exploit
x_refsource_EXPLOIT-DB
http://www.ocxt.com/archives/28
x_refsource_CONFIRM
24229
vdb-entry
x_refsource_BID
25418
third-party-advisory
x_refsource_SECUNIA
36045
vdb-entry
x_refsource_OSVDB
edraw-viewer-httpdownloadfile-bo(34590)
vdb-entry
x_refsource_XF
http://shinnai.altervista.org/viewtopic.php?id=42&t_id=32
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now