Microsoft IAG 2007 ActiveX控件栈缓冲区溢出漏洞

BUGTRAQ ID: 34532 CVE ID：CVE-2007-2238 CNCVE ID：CNCVE-20072238 Microsoft Intelligent Application Gateway是一款智能应用程序网关，提供SSL VPN功能。 Microsoft Whale Intelligent Application Gateway Whale客户端组件ActiveX控件存在缓冲区溢出，远程攻击者可以利用漏洞以应用程序权限执行任意指令。...

Stack overflow

Multiple stack-based buffer overflows in the Whale Client Components ActiveX control WhlMgr.dll, as used in Microsoft Intelligent Application Gateway IAG before 3.7 SP2, allow remote attackers to execute arbitrary code via long arguments to the 1 CheckForUpdates or 2 UpdateComponents methods...