CVE-2007-2238 Information

Description

Multiple stack-based buffer overflows in the Whale Client Components ActiveX control (WhlMgr.dll) as used in Microsoft Intelligent Application Gateway (IAG) before 3.7 SP2 allow remote attackers to execute arbitrary code via long arguments to the (1) CheckForUpdates or (2) UpdateComponents methods.

Reference

http://secunia.com/advisories/34725 http://www.kb.cert.org/vuls/id/789121 http://www.securityfocus.com/bid/34532 http://www.vupen.com/english/advisories/2009/1061 https://exchange.xforce.ibmcloud.com/vulnerabilities/49888