IBM eGatherer ActiveX RunEgatherer buffer overflow

Added: 08/21/2006
CVE: CVE-2006-4221
BID: 19554
OSVDB: 27976

Background

The eGatherer ActiveX control is installed with IBM Access Support.

Problem

A buffer overflow in the eGatherer ActiveX control allows command execution by a web page which sends a long, specially crafted file name to the RunEgatherer function.

Resolution

An update is available from http://www-307.ibm.com/pc/support/IbmEgath.cab.

References

http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0503.html

Limitations

Exploit works with IBM Message Center 2.102b. A user must load the exploit page on a vulnerable computer in order for the exploit to succeed.

Platforms

Windows 2000
Windows XP

Back to exploit index