CERT-In Vulnerability Note CIVN-2009-58
Microsoft Whale IAG ActiveX Remote Buffer Overflow Vulnerability

Original Issue Date: April 29, 2009

Severity Rating: High

Systems Affected

  • Microsoft Intelligent Application Gateway 2007 3.7 and prior

Overview

Multiple stack-based buffer-overflow vulnerabilities have been reported in Microsoft Whale Intelligent Application Gateway (IAG) 2007, which could allow an unauthenticated remote attacker to execute arbitrary code on affected systems.

Description

The Microsoft Whale Intelligent Application Gateway (IAG) Whale Client Components ActiveX control (WhlMgr.dll) contains a stack-based buffer overflow vulnerability. The vulnerability is caused by inadequate boundary checks on user-supplied data. A remote attacker could persuade a victim to visit a specially crafted web page that passes long arguments to the methods CheckForUpdates() and UpdateComponent(), which could trigger a stack-based buffer overflow. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the targeted system with the privileges of the currently logged-in user, or could cause the browser application to crash.
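The defect class described above, inadequate boundary checks on a caller-supplied method argument copied into a fixed-size stack buffer, is shown below as an added illustration. This is hypothetical example code written for this note, not the WhlMgr.dll control's real code; the buffer size COMPONENT_NAME_MAX, the function names and the return codes are all assumptions. The unchecked version follows the pattern that lets a long argument overwrite the stack frame; the checked version rejects an over-long argument before any copy takes place.

```c
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Hypothetical buffer size for a component name; the real control's
   limits are not stated in the note. */
#define COMPONENT_NAME_MAX 64

enum update_status {
    UPDATE_OK = 0,
    UPDATE_ERR_NULL = -1,
    UPDATE_ERR_TOO_LONG = -2
};

/* Pattern of the defect class the note describes (hypothetical, not the
   control's actual code): the caller-supplied argument is copied into a
   fixed-size stack buffer with no length check, so any argument longer
   than COMPONENT_NAME_MAX - 1 bytes overwrites the rest of the stack
   frame. Call it only with short, trusted input. */
int unchecked_update_component(const char *component_name)
{
    char name[COMPONENT_NAME_MAX];
    strcpy(name, component_name);          /* unbounded copy: the bug */
    return (int)strlen(name);
}

/* Hardened form: verify the argument fits (terminator included) before
   copying, and fail closed with an error code when it does not. */
int checked_update_component(const char *component_name,
                             char *name_out, size_t name_out_len)
{
    if (component_name == NULL || name_out == NULL || name_out_len == 0)
        return UPDATE_ERR_NULL;
    /* memchr bounds the scan to name_out_len bytes: if no NUL appears
       within that window, the argument cannot fit and is rejected
       without reading past the end of a valid C string. */
    if (memchr(component_name, '\0', name_out_len) == NULL)
        return UPDATE_ERR_TOO_LONG;
    memcpy(name_out, component_name, strlen(component_name) + 1);
    return UPDATE_OK;
}

/* Wrapper using the same fixed stack buffer as the unchecked version so
   the two can be compared on identical inputs. */
int update_component_safe(const char *component_name)
{
    char name[COMPONENT_NAME_MAX];
    return checked_update_component(component_name, name, sizeof name);
}

int main(void)
{
    char long_name[200];                        /* constructed 199-byte argument */
    memset(long_name, 'A', sizeof long_name - 1);
    long_name[sizeof long_name - 1] = '\0';

    printf("short name, checked: %d\n", update_component_safe("Whale.Client"));
    printf("long name, checked:  %d\n", update_component_safe(long_name));
    /* unchecked_update_component(long_name) corresponds to the overflow the
       note describes; it is deliberately not called because it corrupts
       this frame's stack. */
    return 0;
}
```

The length check belongs at the trust boundary, the scriptable method entry point, because an ActiveX control marked safe for scripting receives its arguments from whatever web page the browser loads. Rejecting the argument before the copy (rather than truncating it silently) also gives the host application an error it can log.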

Solution

Upgrade to Microsoft Intelligent Application Gateway (IAG) 2007 version 3.7 SP2

Vendor Information

US-CERT
http://www.kb.cert.org/vuls/id/789121

IBM ISS
http://xforce.iss.net/xforce/xfdb/49888

VUPEN Security
http://www.vupen.com/english/advisories/2009/1061

SecurityFocus
http://www.securityfocus.com/bid/34532

Secunia
http://secunia.com/advisories/34725/

CVE Name
CVE-2007-2238

Disclaimer

The information provided herein is on an "as is" basis, without warranty of any kind.

Contact Information

Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003