KEVIntel
PRO Back to KEVs
7.5
CVSS
High

CVE-2009-1800

PUBLISHED

Stack-based buffer overflow in the Chinagames CGAgent ActiveX control 1.x in CGAgent.dll, as distributed in Chinagames iGame 2009, allows remote...

Not yet in CISA KEV

Exploited in the wild Remote Low complexity
Vendor
Chinagames
Product
iGame
Published
May 28, 2009
EPSS

Automate This Intelligence with the Pro API

Everything on this page — CVSS, EPSS, exploit status, PoCs, scanner integrations, mentions, tags, and immediate honeypot data — is available programmatically for VM, SOC, and CTI workflows.

Learn about Pro

Description

Stack-based buffer overflow in the Chinagames CGAgent ActiveX control 1.x in CGAgent.dll, as distributed in Chinagames iGame 2009, allows remote attackers to execute arbitrary code via a long argument to the CreateChinagames method, as exploited in the wild in April and May 2009. NOTE: some of these details are obtained from third party information.

CVSS Scores

CVSS v2.0 7.5 High

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitation Status

Exploited in the wild

Recorded 2009-05-28 14:00:00 UTC · CVE

References

Known Exploited Vulnerability Sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
CVE First 2009-05-28 14:00 UTC

Timeline

  • Added to KEVIntel

  • CVE Published to Public

  • CVE ID Reserved