CVE-2007-3168 | Vulnerability Database | Aqua Security

A certain ActiveX control in the EDraw Office Viewer Component (edrawofficeviewer.ocx) 4.0.5.20, and other versions before 5.0, allows remote attackers to delete arbitrary files via the DeleteLocalFile method.

Affected Software

Name	Vendor	Start Version	End Version
Office_viewer_component	Edraw	*	5.0 (including)
Office_viewer_component	Edraw	4.0.5.20 (including)	4.0.5.20 (including)

References

http://moaxb.blogspot.com/2007/05/moaxb-28-edraw-office-viewer-component.html
http://osvdb.org/36044
http://secunia.com/advisories/25418
http://shinnai.altervista.org/viewtopic.php?id=42\u0026t_id=31
http://www.ocxt.com/archives/28
http://www.securityfocus.com/bid/24230
http://www.vupen.com/english/advisories/2007/1992
https://exchange.xforce.ibmcloud.com/vulnerabilities/34588
https://www.exploit-db.com/exploits/4010
http://moaxb.blogspot.com/2007/05/moaxb-28-edraw-office-viewer-component.html
http://osvdb.org/36044
http://secunia.com/advisories/25418
http://shinnai.altervista.org/viewtopic.php?id=42\u0026t_id=31
http://www.ocxt.com/archives/28
http://www.securityfocus.com/bid/24230
http://www.vupen.com/english/advisories/2007/1992
https://exchange.xforce.ibmcloud.com/vulnerabilities/34588
https://www.exploit-db.com/exploits/4010

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-3168
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html