Multiple Office OCX ActiveX Controls 'OpenWebFile()' Arbitrary Program Execution Vulnerability

Multiple Office OCX ActiveX controls are prone to a vulnerability that lets attackers execute arbitrary remote files.

An attacker can exploit this issue to execute arbitrary code in the context of an application using the affected ActiveX control (typically Internet Explorer). This may aid in further attacks.

The following ActiveX controls are vulnerable:

Office Viewer OCX 3.0.1
Word Viewer OCX 3.2
PowerPoint Viewer OCX 3.1
Excel Viewer OCX 3.2


Privacy Statement
Copyright 2010, SecurityFocus