Back to KEVs

CVE-2008-0647

Multiple stack-based buffer overflows in the HanGamePluginCn18.HanGamePluginCn18.1 ActiveX control in HanGamePluginCn18.dll in Ourgame GLWorld...

Basic Information

CVE State
PUBLISHED
Reserved Date
February 07, 2008
Published Date
February 07, 2008
Last Updated
August 07, 2024
Vendor
Ourgame
Product
GLWorld
Description
Multiple stack-based buffer overflows in the HanGamePluginCn18.HanGamePluginCn18.1 ActiveX control in HanGamePluginCn18.dll in Ourgame GLWorld 2.6.1.29 (aka Lianzong Game Platform) allow remote attackers to execute arbitrary code via long arguments to the (1) hgs_startGame and (2) hgs_startNotify methods, as exploited in the wild as of February 2008. NOTE: some of these details are obtained from third party information.

CVSS Scores

CVSS v2.0

10.0

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploit Status

Exploited in the Wild
Yes (2008-02-07 20:00:00 UTC) Source

References

http://www.securityfocus.com/bid/27626 http://www.vupen.com/english/advisories/2008/0427 https://www.exploit-db.com/exploits/5153 http://www.symantec.com/enterprise/security_response/weblog/2008/02/zeroday_exploit_for_lianzong_g.html http://secunia.com/advisories/28809

Known Exploited Vulnerability Information

Source Added Date
CVE 2008-02-07 20:00:00 UTC

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel