EDraw Office Viewer Component ActiveX Control Arbitrary File Overwrite Vulnerability

info
discussion
exploit
solution
references

EDraw Office Viewer Component ActiveX Control Arbitrary File Overwrite Vulnerability

The EDraw Office Viewer Component ActiveX Control is prone to a vulnerability that lets attackers overwrite files.

An attacker can exploit this issue to overwrite files with arbitrary, attacker-controlled content. This will aid in further attacks.

Version 5.1 of the control is vulnerable; other versions may also be affected.