Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6493

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2007-6493
Last Modified 07 Mar 2011 10:02:49
Published 20 Dec 2007 03:46:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6493

Summary

The IMWeb.IMWebControl.1 ActiveX control in IMWeb.dll 7.0.0.x, and possibly IMWebControl.dll, in iMesh 7.1.0.x and earlier allows remote attackers to execute arbitrary code via a certain argument to the SetHandler method.

Vulnerable Systems

Application

  • Imesh.com Imesh 7.1.0.37263


References

VUPEN - ADV-2007-4240

SECUNIA - 28134

MISC - http://retrogod.altervista.org/rgod_imesh.html

OSVDB - 40239

BUGTRAQ - 20071218 iMesh <= 7.1.0.x IMWebControl Class (IMWeb.dll 7.0.0.x) remote exploit


Last Updated: 27 May 2016 10:46:31