Описание
The IMWeb.IMWebControl.1 ActiveX control in IMWeb.dll 7.0.0.x, and possibly IMWebControl.dll, in iMesh 7.1.0.x and earlier allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via an empty string in the argument to the ProcessRequestEx method.
Ссылки
- Exploit
- Vendor Advisory
- Exploit
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 7.1.0 (включая)
cpe:2.3:a:imesh.com:imesh:*:*:*:*:*:*:*:*
EPSS
Процентиль: 70%
0.00635
Низкий
7.1 High
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
почти 4 года назад
The IMWeb.IMWebControl.1 ActiveX control in IMWeb.dll 7.0.0.x, and possibly IMWebControl.dll, in iMesh 7.1.0.x and earlier allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via an empty string in the argument to the ProcessRequestEx method.
EPSS
Процентиль: 70%
0.00635
Низкий
7.1 High
CVSS2
Дефекты
CWE-20