The vulnerability exists within the MetaDraw ActiveX control's ObjLinks property. This module runs a web server waiting for vulnerable clients (Internet Explorer 6, 7, 8, 9) to connect to it.
CVE Link
Exploit Platform
Exploit Type
Product Name