CVE-2007-1683

IncrediMail IMMenuShellExt ActiveX Control - Stack-based Buffer Overflow in DoWebMenuAction

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2007-1683. PoCs published by Lincoln, Umesh Wanve.

AI-analyzed exploit summary This exploit targets a SEH-based buffer overflow vulnerability in Incredimail's ImShExtU.dll ActiveX control. It uses a long string of 'A' characters to trigger memory corruption via the DoWebMenuAction method.

Description

Stack-based buffer overflow in the DoWebMenuAction function in the IncrediMail IMMenuShellExt ActiveX control (ImShExt.dll) allows remote attackers to execute arbitrary code via unspecified vectors.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Lincoln · htmldoswindows
https://www.exploit-db.com/exploits/12605

This exploit targets a SEH-based buffer overflow vulnerability in Incredimail's ImShExtU.dll ActiveX control. It uses a long string of 'A' characters to trigger memory corruption via the DoWebMenuAction method.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Incredimail (ImShExtU.dll)
No auth needed
Prerequisites: Victim must open the malicious HTML file in a browser with the vulnerable ActiveX control installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Umesh Wanve · htmlremotewindows
https://www.exploit-db.com/exploits/3877

This exploit targets a buffer overflow vulnerability in the IncrediMail IMMenuShellExt ActiveX control. It uses a crafted string to overflow the buffer and execute shellcode that launches the calculator application on the vulnerable system.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: IncrediMail IMMenuShellExt ActiveX Control
No auth needed
Prerequisites: Victim must visit a malicious webpage hosting the exploit · IncrediMail with vulnerable IMMenuShellExt ActiveX control installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/33928
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/23674
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/1551
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/34331
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25051
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/906777

Scores

EPSS 0.3774
EPSS Percentile 98.4%

Details

Status published
Products (1)
incredimail/immenushellext_activex_control
Published Apr 26, 2007
Tracked Since Feb 18, 2026