GdPicture Pro 'gdpicture4s.ocx' ActiveX Control Arbitrary File Overwrite Vulnerability

GdPicture Pro 'gdpicture4s.ocx' ActiveX Control Arbitrary File Overwrite Vulnerability

An ActiveX control in GdPicture Pro SDK is prone to a vulnerability that lets attackers overwrite files with arbitrary, attacker-controlled content. The issue occurs because the control fails to sanitize user-supplied input.

Successful exploits may compromise affected computers and could aid in further attacks.

This issue affects gdpicture4s.ocx 4.7.0.1. This control is included in GdPicture Light Imaging Toolkit 4.7.1. Other versions may also be affected.