CVE-2007-4821

Name of the Vulnerable Software and Affected Versions: EDraw Office Viewer Component version 5.2

Description: A buffer overflow issue exists in the officeviewer.ocx 5.2.218.1 ActiveX control, allowing remote attackers to execute arbitrary code. This is achieved by passing a long first argument to the HttpDownloadFileToTempDir method.

Recommendations: For EDraw Office Viewer Component version 5.2, consider disabling the HttpDownloadFileToTempDir method as a temporary workaround until a patch is available. Restrict access to the officeviewer.ocx ActiveX control to minimize the risk of exploitation.