Two vulnerabilities has been identified which is connected to ActiveX. The programs that can be affected are PowerPoint Viewer 3.1.0.3 and its earlier versions and Excel Viewer.

FrSirt has made a comment on the PowerPoint Viewer flaw and it said “This issue is caused by a buffer overflow error in ‘PowerPointViewer.ocx’ when calling certain methods e.g. ‘HttpDownloadFile()’ with overly long arguments, which could be exploited by remote attackers to execute arbitrary commands by tricking a user into visiting a specially crafted web page.”

The flaw in the Excel Viewer can let an attacker take-over the affected computer. Secunia gave this flaw a rating of highly critical.

Source: The Register