CVE-2007-2496 Information

Description

The WordOCX ActiveX control in WordViewer.ocx 3.2.0.5 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long (1) DoOleCommand (2) FTPDownloadFile (3) FTPUploadFile (4) HttpUploadFile (5) GotoPage (6) Save (7) SaveWebFile (8) HttpDownloadFile (9) Open (10) OpenWebFile (11) SaveAs or (12) ShowWordStandardDialog property value.

Reference

http://moaxb.blogspot.com/2007/05/moaxb-03-wordviewerocx-32-multiple_03.html http://osvdb.org/34334 http://secunia.com/advisories/25100 http://www.securityfocus.com/bid/23784 http://www.vupen.com/english/advisories/2007/1634 https://exchange.xforce.ibmcloud.com/vulnerabilities/34027