Threat Monitor
Troj.Downloader.HTML.Small.ac
| Aliase: | |
|---|---|
| Pattern: | 200907191330 |
| Threat Typ | Verbreitung | Betroffene Systeme | Gefährlichkeit |
|---|---|---|---|
|
|
|
This malicious program exploits vulnerability CVE-2009-2169.
Edraw PDF Viewer Component is a lightweight ActiveX Control space which enables your applications to display and interact with PDF files.
Edraw PDF Viewer Component ActiveX control with the CLSID:44A8091F-8F01-43B7-8CF7-4BBA71E61E04 is prone to a vulnerability. The vulnerability exists due to the FtpDownloadFile() function in the PDFVIEWER.PDFViewerCtrl.1 ActiveX control (pdfviewer.ocx). It lets remote attackers download files to overwrite arbitrary local files via a URL argument to the FtpConnect argument and a target filename argument to the FtpDownloadFile method when visiting a malicious website.
Affected Versions: EDraw PDF Viewer Component 3.2
Edraw PDF Viewer Component is a lightweight ActiveX Control space which enables your applications to display and interact with PDF files.
Edraw PDF Viewer Component ActiveX control with the CLSID:44A8091F-8F01-43B7-8CF7-4BBA71E61E04 is prone to a vulnerability. The vulnerability exists due to the FtpDownloadFile() function in the PDFVIEWER.PDFViewerCtrl.1 ActiveX control (pdfviewer.ocx). It lets remote attackers download files to overwrite arbitrary local files via a URL argument to the FtpConnect argument and a target filename argument to the FtpDownloadFile method when visiting a malicious website.
Affected Versions: EDraw PDF Viewer Component 3.2
