CVE-2008-0634

Sejoong Namo ActiveSquare6 - Buffer Overflow via NamoInstaller.NamoInstall.1 ActiveX Install Method

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0634. PoCs published by plan-s.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in NamoInstaller.dll (CVE-2008-0634) via a malicious HTML file. It uses heap spraying to execute shellcode (calc.exe) when the vulnerable 'Install' method is called.

Description

Buffer overflow in the NamoInstaller.NamoInstall.1 ActiveX control in NamoInstaller.dll 3.0.0.1, as used in Sejoong Namo ActiveSquare6, allows remote attackers to execute arbitrary code via a long argument to the Install method, a different vulnerability than CVE-2008-0551.

Exploits (1)

exploitdb WORKING POC VERIFIED
by plan-s · htmlremotewindows
https://www.exploit-db.com/exploits/5045

This exploit targets a buffer overflow vulnerability in NamoInstaller.dll (CVE-2008-0634) via a malicious HTML file. It uses heap spraying to execute shellcode (calc.exe) when the vulnerable 'Install' method is called.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Sejoong Namo ActiveSquare6 NamoInstaller.dll version 3.0.0.1
No auth needed
Prerequisites: Victim must visit a malicious webpage using Internet Explorer · NamoInstaller.dll version 3.0.0.1 must be installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/5045
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28649
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/40199

Scores

EPSS 0.0465
EPSS Percentile 90.5%

Details

CWE
CWE-119
Status published
Products (2)
sejoong_namo/activesquare 6
sejoong_namo/namoinstall.1_activex_control 3.0.0.1
Published Feb 06, 2008
Tracked Since Feb 18, 2026