Описание
Multiple stack-based buffer overflows in the Whale Client Components ActiveX control (WhlMgr.dll), as used in Microsoft Intelligent Application Gateway (IAG) before 3.7 SP2, allow remote attackers to execute arbitrary code via long arguments to the (1) CheckForUpdates or (2) UpdateComponents methods.
Ссылки
- US Government Resource
- Patch
- US Government Resource
- Patch
Уязвимые конфигурации
Конфигурация 1Версия до 3.7 (включая)
Одно из
cpe:2.3:a:microsoft:intelligent_application_gateway_2007:*:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:intelligent_application_gateway_2007:*:sp1:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.74778
Высокий
9.3 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Multiple stack-based buffer overflows in the Whale Client Components ActiveX control (WhlMgr.dll), as used in Microsoft Intelligent Application Gateway (IAG) before 3.7 SP2, allow remote attackers to execute arbitrary code via long arguments to the (1) CheckForUpdates or (2) UpdateComponents methods.
EPSS
Процентиль: 99%
0.74778
Высокий
9.3 Critical
CVSS2
Дефекты
CWE-119