Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Insecure method vulnerability in the PDFVIEWER.PDFViewerCtrl.1 ActiveX control (pdfviewer.ocx) in Edraw PDF Viewer Component before 3.2.0.126 allows remote attackers to create and overwrite arbitrary files via a URL argument to the FtpConnect argument and a target filename argument to the FtpDownloadFile method. NOTE: this can be leveraged for code execution by writing to a Startup folder.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Edraw PDF Viewer Component "pdfviewer.ocx" 任意文件上传漏洞
Vulnerability Description
Edraw PDF Viewer Component是轻型的ActiveX空间,允许应用程序显示和操作PDF文件 。 PDFVIEWER.PDFViewerCtrl.1 ActiveX控件(pdfviewer.ocx)所提供的FtpDownloadFile()方式没有正确地验证用户所提供的输入参数,如果用户受骗访问了恶意网页,就可能向系统上的任意位置下载文件 。
CVSS Information
N/A
Vulnerability Type
N/A