CVE-2013-0501

Published: Apr 12, 2013Modified: Apr 29, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, as used in Edraw Office Viewer Component, the client in IBM Cognos Disclosure Management (CDM) 10.2.0, and other products, allows remote attackers to read arbitrary files, or download an arbitrary program onto a client machine and execute this program, via a crafted web site.

Affected (1)

Products: Ibm: Cognos Disclosure Management

1 product

Cognos Disclosure Management

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Ibm Cognos Disclosure Management	Version 10.2.0

Related CWEs

References (4)

http://www.ibm.com/support/docview.wss?uid=swg21627070

Source: psirt@us.ibm.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/82345

Source: psirt@us.ibm.com

http://www.ibm.com/support/docview.wss?uid=swg21627070

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/82345

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.