virus logo Intrusion Prevention

Edraw.Excel.Viewer.OCX.Arbitrary.File.Overwrite.or.Download

description-logoDescription

This indicates a possible attack attempt against one of the Arbitrary File Overwrite and Download vulnerabilities in Edraw Excel Viewer OCX ActiveX control.
The vulnerabilities are caused by the software's failure to check whether a file name already exists on a victim's computer or to check where the file is from. Successfully exploiting these vulnerabilities will allow an attacker to corrupt or overwrite arbitrary files on the computer, in the context of the application using the ActiveX control (typically Internet Explorer).

affected-products-logoAffected Products

Office OCX Excel Viewer OCX 3.2

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Upgrade to the latest version, available from the web site.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 27936
Created Jul 22, 2011
Updated Feb 24, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Default Action drop
Active
Affected OS Windows
Affected App Other