Be Wary Of The Edraw PDF Viewer ActiveX Control Vulnerability

I am back again, unfortunately with the purpose of telling you about another vulnerability which has been discovered. I hate to be the one to break the news to you, yet unfortunately I am here to do just that. The bad news is that an Active X remote code execution vulnerability has been located in the Edraw PDF viewer. The risk of this vulnerability is that it may, as usual, be exploited by malicious characters.

There are some very scary reasons directly related as to why this vulnerability has come to be. What happens is that the PDFVIEWER.PDFViewerCtrl.1 ActiveX control (pdfviewer.ocx) provides an insecure "FtpDownloadFile()" method. This is dangerous due to the fact that, if it is exploited in the correct manner, it will result in files being downloaded to random locations on the systems of users, when they are browsing specific malicious websites.

Edraw comes from the Vendor EDrawSoft, Inc. and is a remarkable tool to use. Edraw is a PDF viewer component which is actually joined with a light weight ActiveX Control. It allows for all your applications to interact as well as view all the PDF files. It provides its user with extremely high speed viewing of these PDF documents to applications with ease. You are probably wondering what the difference between Edraw and Adobe Reader is. You may be interested to know that Edraw and Abobe Reader are virtually identical. Some of the files of Adobe reader may include but are not limited to the following: SIGSEL.EXE, _ISDEL.EXE, SETUP.EXE, STMCREAT.EXE, SIGINT.EXE as well as SignItA4Trial.exe.

This is one of those vulnerabilities that if effectively exploited, may allow for the execution of arbitrary code. Another impact of this vulnerability includes system access by unscrupulous characters without any authorization what so ever.

You may be wondering which versions of Edraw, this vulnerability actively affects? This is a good question and the answer is pretty simple. The answer is that Edraw PDF Viewer Component 3.2.0.126 is affected. It is extremely important for all Edraw users to be on guard due to the fact that there is quite a high risk that other versions may also be affected. All in all it may be a good idea to apply all relevant patches and to be cautious of this vulnerability.