Edraw.Excel.Viewer.OCX.Arbitrary.File.Overwrite.or.Download
Description
This indicates a possible attack attempt against one of the Arbitrary File Overwrite and Download vulnerabilities in Edraw Excel Viewer OCX ActiveX control.
The vulnerabilities are caused by the software's failure to check whether a file name already exists on a victim's computer or to check where the file is from. Successfully exploiting these vulnerabilities will allow an attacker to corrupt or overwrite arbitrary files on the computer, in the context of the application using the ActiveX control (typically Internet Explorer).
Affected Products
Office OCX Excel Viewer OCX 3.2
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Upgrade to the latest version, available from the web site.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |