New version has removed the “DeleteLocalFile” method to avoid the attack. Now the component will delete the temporary files when it exits.
We improved the HTTP download file too and provide a securer download method in the version 5.
The follow article is the vulnerable description about the 4.0 version.
Multiple vulnerabilities have been identified in EDraw Office Viewer Component v4.0, which could be exploited by remote attackers to delete arbitrary files or take complete control of an affected system.
The first issue is caused by a design error in the “DeleteLocalFile()” method within the “edrawofficeviewer.ocx” ActiveX control, which could be exploited by attackers to delete arbitrary files from a vulnerable system by tricking a user into visiting a specially crafted web page.
The second vulnerability is caused by a buffer overflow error in the “edrawofficeviewer.ocx” ActiveX control when processing malformed arguments passed to the “HttpDownloadFile()” method, which could be exploited by remote attackers to execute arbitrary code via a malicious web page.
Leave a Reply
You must be logged in to post a comment.
Recent Comments