Intrusion Prevention

IncrediMail.IMMenuShellExt.ActiveX.Control.Command.Execution

Description

There is a stack based buffer overflow vulnerability in the DoWebMenuAction function, in the IncrediMail IMMenuShellExt ActiveX control (ImShExt.dll),
which may allow remote attackers to execute arbitrary code.

Affected Products

IncrediMail 2.x
IncrediMail 3.x
IncrediMail 5.x

Impact

System compromise, remote code execution.

Recommended Actions

Set the kill bit for the affected ActiveX control.

CVE References

CVE-2007-1683