CVE-2008-0647
published 2008-02-07CVE-2008-0647: Multiple stack-based buffer overflows in the HanGamePluginCn18.HanGamePluginCn18.1 ActiveX control in HanGamePluginCn18.dll in Ourgame GLWorld 2.6.1.29 (aka…
PriorityP265critical10CVSS 2.0
AVNACLAuNCCICAC
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
7.30%
93.6th percentile
Multiple stack-based buffer overflows in the HanGamePluginCn18.HanGamePluginCn18.1 ActiveX control in HanGamePluginCn18.dll in Ourgame GLWorld 2.6.1.29 (aka Lianzong Game Platform) allow remote attackers to execute arbitrary code via long arguments to the (1) hgs_startGame and (2) hgs_startNotify methods, as exploited in the wild as of February 2008. NOTE: some of these details are obtained from third party information.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ourgame.com | glworld | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Detect exploitation attempts targeting the HanGamePluginCn18.HanGamePluginCn18.1 ActiveX control via calls to hgs_startGame or hgs_startNotify with abnormally long string arguments, indicative of stack-based buffer overflow exploitation. ↗
- →This vulnerability was exploited in the wild as of February 2008; prioritize detection on systems with HanGamePluginCn18.dll present in the browser plugin path. ↗
- →Monitor for ActiveX instantiation of the ProgID HanGamePluginCn18.HanGamePluginCn18.1 in browser processes, particularly followed by method calls with large argument buffers. ↗
- ·Some vulnerability details are derived from third-party sources and may not be fully verified by the primary vendor. ↗
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vulncheck10.0CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-237j-ffh5-w965: Multiple stack-based buffer overflows in the HanGamePluginCn18
ghsa_unreviewed·2022-05-01
CVE-2008-0647 [HIGH] CWE-119 GHSA-237j-ffh5-w965: Multiple stack-based buffer overflows in the HanGamePluginCn18
Multiple stack-based buffer overflows in the HanGamePluginCn18.HanGamePluginCn18.1 ActiveX control in HanGamePluginCn18.dll in Ourgame GLWorld 2.6.1.29 (aka Lianzong Game Platform) allow remote attackers to execute arbitrary code via long arguments to the (1) hgs_startGame and (2) hgs_startNotify methods, as exploited in the wild as of February 2008. NOTE: some of these details are obtained from third party information.
VulnCheck
ourgame.com glworld Improper Restriction of Operations within the Bounds of a Memory Buffer
vulncheck·2008·CVSS 10.0
CVE-2008-0647 [CRITICAL] ourgame.com glworld Improper Restriction of Operations within the Bounds of a Memory Buffer
ourgame.com glworld Improper Restriction of Operations within the Bounds of a Memory Buffer
Multiple stack-based buffer overflows in the HanGamePluginCn18.HanGamePluginCn18.1 ActiveX control in HanGamePluginCn18.dll in Ourgame GLWorld 2.6.1.29 (aka Lianzong Game Platform) allow remote attackers to execute arbitrary code via long arguments to the (1) hgs_startGame and (2) hgs_startNotify methods, as exploited in the wild as of February 2008. NOTE: some of these details are obtained from third party information.
Affected: ourgame.com glworld
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.cve.org/CVERecord?id=CVE-2008-0647
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/28809http://www.securityfocus.com/bid/27626http://www.symantec.com/enterprise/security_response/weblog/2008/02/zeroday_exploit_for_lianzong_g.htmlhttp://www.vupen.com/english/advisories/2008/0427https://www.exploit-db.com/exploits/5153http://secunia.com/advisories/28809http://www.securityfocus.com/bid/27626http://www.symantec.com/enterprise/security_response/weblog/2008/02/zeroday_exploit_for_lianzong_g.htmlhttp://www.vupen.com/english/advisories/2008/0427https://www.exploit-db.com/exploits/5153
2008-02-07
Published
Exploited in the wild