CVE-2007-2238

CVE Database · CVE-2007-2238

CVE-2007-2238

· N/AModified

CVSS v3.1

N/A

EPSS

45.53%

Published

Apr 16, 2009

Modified

Apr 22, 2026

Public PoC / Exploit (1)

All weaponized →

Exploit-DBMicrosoft Whale Intelligent Application Gateway - ActiveX Control Buffer Overflow (Metasploit)

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple stack-based buffer overflows in the Whale Client Components ActiveX control (WhlMgr.dll), as used in Microsoft Intelligent Application Gateway (IAG) before 3.7 SP2, allow remote attackers to execute arbitrary code via long arguments to the (1) CheckForUpdates or (2) UpdateComponents methods.

Weaknesses (CWE)

CWE-119

Affected Products (2)

microsoft · intelligent_application_gateway_2007vulnerable

References (10)

http://secunia.com/advisories/34725

http://www.kb.cert.org/vuls/id/789121

US Government Resource

http://www.securityfocus.com/bid/34532

Patch

http://www.vupen.com/english/advisories/2009/1061

https://exchange.xforce.ibmcloud.com/vulnerabilities/49888