iMesh IMWeb.IMWebControl ActiveX (IMWeb.dll) SetHandler Method Arbitrary Code Execution

2007-12-18T00:00:00
ID OSVDB:40239
Type osvdb
Reporter OSVDB
Modified 2007-12-18T00:00:00

Description

Solution Description

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s): Set the kill-bit for the affected ActiveX control.

References:

Secunia Advisory ID:28134 Other Advisory URL: http://retrogod.altervista.org/rgod_imesh.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-12/0222.html FrSIRT Advisory: ADV-2007-4240 CVE-2007-6493