Edraw.PDF.Viewer.Component.ActiveX.Arbitrary.File.Overwrite
Description
This indicates an attack attempt against a Buffer Overflow vulnerability in the Edraw PDF Viewer Component ActiveX control.
The vulnerability is caused by an error when the software handles a specially crafted argument to the "FtpConnect" method. It allows a remote attacker to execute arbitrary code.
Affected Products
Versions prior to PDF Viewer Component 3.2.0.126 are vulnerable.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Upgrade to the latest version, available from the website:
http://www.edrawsoft.com/pdfviewer.php
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |