Office Viewer Component
by Edraw
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-5257 | 0.04 | — | 0.15 | Oct 6, 2007 | Stack-based buffer overflow in the EDraw.OfficeViewer ActiveX control in officeviewer.ocx in EDraw Office Viewer Component 5.3.220.1 and earlier allows remote attackers to execute arbitrary code via long strings in the first and second arguments to the FtpDownloadFile method, a… | |||
| CVE-2007-4821 | 0.04 | — | 0.09 | Sep 11, 2007 | Buffer overflow in a certain ActiveX control in officeviewer.ocx 5.2.218.1 in EDraw Office Viewer Component 5.2 allows remote attackers to execute arbitrary code via a long first argument to the HttpDownloadFileToTempDir method, a different vulnerability than CVE-2007-3169. | |||
| CVE-2007-3168 | 0.04 | — | 0.06 | Jun 11, 2007 | A certain ActiveX control in the EDraw Office Viewer Component (edrawofficeviewer.ocx) 4.0.5.20, and other versions before 5.0, allows remote attackers to delete arbitrary files via the DeleteLocalFile method. | |||
| CVE-2007-3169 | 0.04 | — | 0.12 | Jun 11, 2007 | Buffer overflow in a certain ActiveX control in the EDraw Office Viewer Component (edrawofficeviewer.ocx) 4.0.5.20, and other versions before 5.0, allows remote attackers to cause a denial of service (Internet Explorer 7 crash) or execute arbitrary code via a long first argument… | |||
| CVE-2007-4420 | 0.03 | — | 0.03 | Aug 18, 2007 | Absolute path traversal vulnerability in a certain ActiveX control in officeviewer.ocx 5.1.199.1 in EDraw Office Viewer Component 5.1 allows remote attackers to create or overwrite arbitrary files via a full pathname in the second argument to the HttpDownloadFile method, a… | |||
| CVE-2013-0501 | 0.00 | — | 0.01 | Apr 12, 2013 | The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, as used in Edraw Office Viewer Component, the client in IBM Cognos Disclosure Management (CDM) 10.2.0, and other products, allows remote attackers to read arbitrary files, or download an arbitrary program onto a client… |
- CVE-2007-5257Oct 6, 2007risk 0.04cvss —epss 0.15
Stack-based buffer overflow in the EDraw.OfficeViewer ActiveX control in officeviewer.ocx in EDraw Office Viewer Component 5.3.220.1 and earlier allows remote attackers to execute arbitrary code via long strings in the first and second arguments to the FtpDownloadFile method, a…
- CVE-2007-4821Sep 11, 2007risk 0.04cvss —epss 0.09
Buffer overflow in a certain ActiveX control in officeviewer.ocx 5.2.218.1 in EDraw Office Viewer Component 5.2 allows remote attackers to execute arbitrary code via a long first argument to the HttpDownloadFileToTempDir method, a different vulnerability than CVE-2007-3169.
- CVE-2007-3168Jun 11, 2007risk 0.04cvss —epss 0.06
A certain ActiveX control in the EDraw Office Viewer Component (edrawofficeviewer.ocx) 4.0.5.20, and other versions before 5.0, allows remote attackers to delete arbitrary files via the DeleteLocalFile method.
- CVE-2007-3169Jun 11, 2007risk 0.04cvss —epss 0.12
Buffer overflow in a certain ActiveX control in the EDraw Office Viewer Component (edrawofficeviewer.ocx) 4.0.5.20, and other versions before 5.0, allows remote attackers to cause a denial of service (Internet Explorer 7 crash) or execute arbitrary code via a long first argument…
- CVE-2007-4420Aug 18, 2007risk 0.03cvss —epss 0.03
Absolute path traversal vulnerability in a certain ActiveX control in officeviewer.ocx 5.1.199.1 in EDraw Office Viewer Component 5.1 allows remote attackers to create or overwrite arbitrary files via a full pathname in the second argument to the HttpDownloadFile method, a…
- CVE-2013-0501Apr 12, 2013risk 0.00cvss —epss 0.01
The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, as used in Edraw Office Viewer Component, the client in IBM Cognos Disclosure Management (CDM) 10.2.0, and other products, allows remote attackers to read arbitrary files, or download an arbitrary program onto a client…