ActiveX Control Vulnerability in Edraw Office Viewer by EdrawSoft
CVE-2013-0501

Currently unrated

Key Information:

Vendor: IBM
Status: Cognos Disclosure Management
Vendor: CVE Published:; 12 April 2013

What is CVE-2013-0501?

The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, utilized in the Edraw Office Viewer Component and IBM Cognos Disclosure Management, is susceptible to exploitation. Remote attackers can leverage this vulnerability to access sensitive files on a victim's machine or initiate the download and execution of malicious software through specially crafted websites, posing significant risks to endpoint security.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/82345

vdb-entryx_refsource_XF

http://www.ibm.com/support/docview.wss?uid=swg21627070

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 12, 2013
Vulnerability Reserved
Dec 16, 2012