CVE-2007-3168

EDraw Office Viewer Component < 5.0 - Arbitrary File Deletion via DeleteLocalFile Method

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-3168. PoCs published by shinnai.

AI-analyzed exploit summary This exploit leverages an unsafe method in the EDraw Office Viewer ActiveX control to delete the system.ini file on the target system. It uses VBScript to invoke the vulnerable method via a button click in a web page.

Description

A certain ActiveX control in the EDraw Office Viewer Component (edrawofficeviewer.ocx) 4.0.5.20, and other versions before 5.0, allows remote attackers to delete arbitrary files via the DeleteLocalFile method.

Exploits (1)

exploitdb WORKING POC VERIFIED

by shinnai · htmlremotewindows

https://www.exploit-db.com/exploits/4010

View Code ZIP pw:eip

This exploit leverages an unsafe method in the EDraw Office Viewer ActiveX control to delete the system.ini file on the target system. It uses VBScript to invoke the vulnerable method via a button click in a web page.

Classification

Working Poc 90%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: EDraw Office Viewer Component (edrawofficeviewer.ocx v. 4.0.5.20)

No auth needed

Prerequisites: Target must have the vulnerable ActiveX control installed and enabled in Internet Explorer

MITRE ATT&CK