|
|
|||
| Rule General Information |
|---|
| Release Date: | 2019-07-04 | |
| Rule Name: | Microsoft Whale Intelligent Gateway Buffer Overflow Vulnerability (CVE-2007-2238) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Multiple stack-based buffer overflows in the Whale Client Components ActiveX control (WhlMgr.dll), as used in Microsoft Intelligent Application Gateway (IAG) before 3.7 SP2, allow remote attackers to execute arbitrary code via long arguments to the (1) CheckForUpdates or (2) UpdateComponents methods. | |
| Impact: | A buffer overflow vulnerability can be triggered by an attacker in the context of the vulnerable product. Further attacks includes arbitrary code execution and denial of service. | |
| Affected OS: | Windows, Linux, FreeBSD, Solaris, Other Unix, Network Device, Mac OS, iOS, Android, Others | |
| Reference: | SecurityFocusBID:34532 http://www.kb.cert.org/vuls/id/789121 http://www.vupen.com/english/advisories/2009/1061 https://exchange.xforce.ibmcloud.com/vulnerabilities/49888 |
|
| Solutions |
|---|
| The vendors have released upgrade patches to fix vulnerabilities, please visit: http://technet.microsoft.com/en-us/library/dd282918(printer).aspx |