Intrusion Prevention



A vulnerability has been identified in IBM eGatherer ActiveX Control, which could be exploited by remote attackers to take complete control of an affected system. This flaw is due to a buffer overflow error when processing an overly long argument passed to the "RunEgatherer" method, which could be exploited by attackers to cause a denial of service or execute arbitrary commands by tricking a user into visiting a specially crafted web page.

Affected Products

IBM eGatherer 2.42.243
IBM eGatherer 2.0 .16


Denial of Service or execute arbitrary commands.

Recommended Actions

Upgrade to eGatherer ActiveX control 3.20.0284.0 :

CVE References