Unrated severityNVD Advisory· Published Apr 16, 2009· Updated Apr 23, 2026

CVE-2007-2238

Description

Multiple stack-based buffer overflows in the Whale Client Components ActiveX control (WhlMgr.dll), as used in Microsoft Intelligent Application Gateway (IAG) before 3.7 SP2, allow remote attackers to execute arbitrary code via long arguments to the (1) CheckForUpdates or (2) UpdateComponents methods.

Affected products

Microsoft/Intelligent Application Gateway 2007
cpe:2.3:a:microsoft:intelligent_application_gateway_2007:*:sp1:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/34532nvdPatch
www.kb.cert.org/vuls/id/789121nvdUS Government Resource
secunia.com/advisories/34725nvd
www.vupen.com/english/advisories/2009/1061nvd
exchange.xforce.ibmcloud.com/vulnerabilities/49888nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.061
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000