CVE-2007-2814

Name of the Vulnerable Software and Affected Versions Pegasus ImagN' ActiveX control (IMW32O40.OCX) version 4.00.041

Description The issue is related to multiple stack-based buffer overflows that allow remote attackers to execute arbitrary code. This can be achieved via a long FileName parameter or through various functions such as BeginReport, CreatePictureExA, DefineImage, DefineImageEx, DefineImageFox, CopyBufToClipExA, LoadEx, and LoadFox.

Recommendations For Pegasus ImagN' ActiveX control (IMW32O40.OCX) version 4.00.041, consider disabling the affected functions until a patch is available. Restrict access to the FileName parameter to minimize the risk of exploitation. Avoid using the BeginReport, CreatePictureExA, DefineImage, DefineImageEx, DefineImageFox, CopyBufToClipExA, LoadEx, and LoadFox functions in the affected ActiveX control until the issue is resolved.