PT-2007-6340 · Edraw · Office Viewer

Shinnai

Published

2007-10-06

Updated

2017-09-29

CVE-2007-5257

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Stack-based buffer overflow in the EDraw.OfficeViewer ActiveX control in officeviewer.ocx in EDraw Office Viewer Component 5.3.220.1 and earlier allows remote attackers to execute arbitrary code via long strings in the first and second arguments to the FtpDownloadFile method, a different vector than CVE-2007-4821 and CVE-2007-3169.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2007-5257

Affected Products

Office Viewer

PT-2007-6340 · Edraw · Office Viewer

CVE-2007-5257

Weakness Enumeration

Related Identifiers

Affected Products

References · 8