Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6492

Overview

Vulnerability Score 7.1 7.1
CVE Id CVE-2007-6492
Last Modified 07 Mar 2011 10:02:49
Published 20 Dec 2007 03:46:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-6492

Summary

The IMWeb.IMWebControl.1 ActiveX control in IMWeb.dll 7.0.0.x, and possibly IMWebControl.dll, in iMesh 7.1.0.x and earlier allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via an empty string in the argument to the ProcessRequestEx method.

Vulnerable Systems

Application

  • Imesh.com Imesh 7.1.0


References

VUPEN - ADV-2007-4240

SECUNIA - 28134

MISC - http://retrogod.altervista.org/rgod_imesh.html

OSVDB - 40240

BUGTRAQ - 20071218 iMesh <= 7.1.0.x IMWebControl Class (IMWeb.dll 7.0.0.x) remote exploit


Last Updated: 27 May 2016 10:46:31