CVE-2008-1307

Beijing KingSoft Antivirus Online Update Module 2007.12.29.29 - Heap-Based Buffer Overflow via SetUninstallName Method

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1307. PoCs published by void.

AI-analyzed exploit summary This exploit targets a heap overflow vulnerability in KingSoft UpdateOcx2.dll via the SetUninstallName() method. It uses a long string of Unicode characters to trigger the overflow, leading to potential remote code execution.

Description

Heap-based buffer overflow in the KUpdateObj2 Class ActiveX control in UpdateOcx2.dll in Beijing KingSoft Antivirus Online Update Module 2007.12.29.29 allows remote attackers to execute arbitrary code via a long argument to the SetUninstallName method.

Exploits (1)

exploitdb WORKING POC VERIFIED

by void · htmldoswindows

https://www.exploit-db.com/exploits/5225

View Code ZIP pw:eip

This exploit targets a heap overflow vulnerability in KingSoft UpdateOcx2.dll via the SetUninstallName() method. It uses a long string of Unicode characters to trigger the overflow, leading to potential remote code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Kingsoft Antivirus Online Update Module (UpdateOcx2.dll, version 2007,12,29,29)

No auth needed

Prerequisites: Target system with vulnerable KingSoft UpdateOcx2.dll installed · Browser or environment to render the HTML/JavaScript exploit

MITRE ATT&CK