Main
Vulnerability Database
Exploits
ID:553 - Exploit for Stack-based buffer overflow in GLWorld - CVE-2008-0647
ID:553 - Exploit for Stack-based buffer overflow in GLWorld - CVE-2008-0647
Published: March 18, 2020
Vulnerability identifier: #VU1315
Vulnerability risk: Critical
CVE-ID: CVE-2008-0647
CWE-ID: CWE-119
Exploitation vector: Remote access
Vulnerable software:
GLWorld
GLWorld
Link to public exploit:
Vulnerability description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to stack-based buffer overflow in the ActiveX control (HanGamePluginCn18.dll). A remote attacker can create a specially crafted web page, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Note: the vulnerability was being actively exploited.
The weakness exists due to stack-based buffer overflow in the ActiveX control (HanGamePluginCn18.dll). A remote attacker can create a specially crafted web page, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Note: the vulnerability was being actively exploited.
Remediation
No remedy available.