PT-2014-3301 · Daum · Daumgame Activex
Daniel Chechik
·
Publicado
2014-01-30
·
Atualizado
2017-08-29
·
CVE-2013-7246
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
DaumGame ActiveX plugin versions 1.1.0.4 through 1.1.0.5
Description
The issue is related to a buffer overflow in the
IconCreate method of an ActiveX control. This allows remote attackers to execute arbitrary code via a long string. The issue has been exploited in the wild.Recommendations
For DaumGame ActiveX plugin versions 1.1.0.4 and 1.1.0.5, consider disabling the
IconCreate method as a temporary workaround until a patch is available.Exploit
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Daumgame Activex