EDraw Office Viewer Component ActiveX Control Arbitrary File Overwrite Vulnerability

Bugtraq ID:	25344
Class:	Design Error
CVE:	CVE-2007-4420
Remote:	Yes
Local:	No
Published:	Aug 16 2007 12:00AM
Updated:	May 07 2015 05:36PM
Credit:	shinnai is credited with the discovery of this issue.
Vulnerable:	EDraw Office Viewer Component 5.4 EDraw Office Viewer Component 5.1
Not Vulnerable:

EDraw Office Viewer Component ActiveX Control Arbitrary File Overwrite Vulnerability

The EDraw Office Viewer Component ActiveX Control is prone to a vulnerability that lets attackers overwrite files.

An attacker can exploit this issue to overwrite files with arbitrary, attacker-controlled content. This will aid in further attacks.

Version 5.1 of the control is vulnerable; other versions may also be affected.

EDraw Office Viewer Component ActiveX Control Arbitrary File Overwrite Vulnerability

UPDATE (August 11, 2008): Symantec has detected active exploit attempts in the wild.

The following exploits are available:

• /data/vulnerabilities/exploits/25344.html
• /data/vulnerabilities/exploits/25344_Cyber-Zone.html

EDraw Office Viewer Component ActiveX Control Arbitrary File Overwrite Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

EDraw Office Viewer Component ActiveX Control Arbitrary File Overwrite Vulnerability

References:

• Microsoft Knowledge Base Article 240797 (Microsoft)
  
• Office Viewer Component Homepage (EDraw)