Multiple Office OCX ActiveX Controls 'Save()' Arbitrary File Overwrite Vulnerability
Multiple Office OCX ActiveX controls are prone to a vulnerability that lets attackers overwrite arbitrary files.
Successful exploits may result in denial-of-service conditions. Other attacks are also possible.
The following ActiveX controls are vulnerable:
Office Viewer OCX 3.0.1
Word Viewer OCX 3.2
PowerPoint Viewer OCX 3.1