Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Absolute path traversal vulnerability in the EDraw Flowchart ActiveX control in EDImage.ocx 2.0.2005.1104 allows remote attackers to create or overwrite arbitrary files with arbitrary contents via a full pathname in the second argument to the HttpDownloadFile method, a different product than CVE-2007-4420.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
EDraw Flowchart ActiveX控件任意文件覆盖漏洞
Vulnerability Description
EDraw Flowchart是EDraw Office查看器组件中的流程图工具。 Flowchart所带的ActiveX控件实现上存在漏洞,远程攻击者可能利用此漏洞控制用户系统。 Flowchart工具所安装的EDIMAGE.EDImageCtrl.1 ActiveX控件(EDImage.ocx)没有安全地处理对HttpDownloadFile()方式的输入,如果用户受骗访问了恶意网页并向该方式传送了恶意参数的话,就可能导致向用户系统上的任意位置下载任意文件。
CVSS Information
N/A
Vulnerability Type
N/A