cbcvebase.
CVE-2007-3169
published 2007-06-11

CVE-2007-3169: Buffer overflow in a certain ActiveX control in the EDraw Office Viewer Component (edrawofficeviewer.ocx) 4.0.5.20, and other versions before 5.0, allows…

PriorityP343critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
11.91%
95.6th percentile
Buffer overflow in a certain ActiveX control in the EDraw Office Viewer Component (edrawofficeviewer.ocx) 4.0.5.20, and other versions before 5.0, allows remote attackers to cause a denial of service (Internet Explorer 7 crash) or execute arbitrary code via a long first argument to the HttpDownloadFile method.

Affected

5 ranges
VendorProductVersion rangeFixed in
edrawoffice_viewer_component<= 5.3.220.1
edrawoffice_viewer_component<= 5.0
edrawoffice_viewer_component
edrawoffice_viewer_component
edrawoffice_viewer_component
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.