This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.
The remote Windows host has an ActiveX control that is affected by
The remote host contains the Office Viewer Component, an ActiveX
control for working with Microsoft Office documents.
The version of this control installed on the remote host contains a
buffer overflow in its 'HttpDownloadFile' method that could be
exploited to execute arbitrary code remotely if an attacker can trick
a user on the affected host into visiting a specially crafted web
In addition, it also allows an attacker to delete arbitrary files via
the 'DeleteLocalFile' method.
See also :
Upgrade to Office Viewer Component version 5 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.0
Public Exploit Available : true