Vulnerability Details CVE-2007-2238
Multiple stack-based buffer overflows in the Whale Client Components ActiveX control (WhlMgr.dll), as used in Microsoft Intelligent Application Gateway (IAG) before 3.7 SP2, allow remote attackers to execute arbitrary code via long arguments to the (1) CheckForUpdates or (2) UpdateComponents methods.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.763
EPSS Ranking 98.9%
CVSS Severity
CVSS v2 Score 9.3
References
- http://secunia.com/advisories/34725
- http://www.kb.cert.org/vuls/id/789121
- http://www.securityfocus.com/bid/34532
- http://www.vupen.com/english/advisories/2009/1061
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49888
- http://secunia.com/advisories/34725
- http://www.kb.cert.org/vuls/id/789121
- http://www.securityfocus.com/bid/34532
- http://www.vupen.com/english/advisories/2009/1061
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49888
Products affected by CVE-2007-2238
-
cpe:2.3:a:microsoft:intelligent_application_gateway_2007:*