Lucene search

K
cve[email protected]CVE-2007-2238
HistoryApr 16, 2009 - 3:12 p.m.

CVE-2007-2238

2009-04-1615:12:57
CWE-119
web.nvd.nist.gov
32
cve-2007-2238
buffer overflows
whale client components
activex control
microsoft iag
remote code execution
nvd

7.7 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.957 High

EPSS

Percentile

99.4%

Multiple stack-based buffer overflows in the Whale Client Components ActiveX control (WhlMgr.dll), as used in Microsoft Intelligent Application Gateway (IAG) before 3.7 SP2, allow remote attackers to execute arbitrary code via long arguments to the (1) CheckForUpdates or (2) UpdateComponents methods.

Affected configurations

NVD
Node
microsoftintelligent_application_gateway_2007sp1
OR
microsoftintelligent_application_gateway_2007Range3.7sp1

7.7 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.957 High

EPSS

Percentile

99.4%