CVE-2007-6493

Published: Dec 20, 2007Modified: Apr 23, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

The IMWeb.IMWebControl.1 ActiveX control in IMWeb.dll 7.0.0.x, and possibly IMWebControl.dll, in iMesh 7.1.0.x and earlier allows remote attackers to execute arbitrary code via a certain argument to the SetHandler method.

Affected (1)

Products: Imesh.com: Imesh

Imesh.com

1 product

Imesh

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Imesh.com Imesh	Up to 7.1.0.37263

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (10)

http://osvdb.org/40239

Source: cve@mitre.org

http://retrogod.altervista.org/rgod_imesh.html

Source: cve@mitre.org

Exploit

http://secunia.com/advisories/28134

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/archive/1/485261/100/0/threaded

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/4240

Source: cve@mitre.org

http://osvdb.org/40239