IncrediMail.IMMenuShellExt.ActiveX.Control.Command.Execution
Description
There is a stack based buffer overflow vulnerability in the DoWebMenuAction function, in the IncrediMail IMMenuShellExt ActiveX control (ImShExt.dll),
which may allow remote attackers to execute arbitrary code.
Affected Products
IncrediMail 2.x
IncrediMail 3.x
IncrediMail 5.x
Impact
System compromise, remote code execution.
Recommended Actions
Set the kill bit for the affected ActiveX control.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |