CVE-2009-1800

EXPLOITED IN THE WILD

Chinagames iGame 2009 - Stack-Based Buffer Overflow via CreateChinagames Method

Title source: llm

Exploitation Summary

CVE-2009-1800 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io). EIP tracks 1 public exploit from researchers including etirah.

AI-analyzed exploit summary: This exploit targets a buffer overflow vulnerability in the CGAgent.dll ActiveX control via the CreateChinagames method. It uses a heap spray technique to achieve remote code execution by overwriting memory with shellcode.

Description

Stack-based buffer overflow in the Chinagames CGAgent ActiveX control 1.x in CGAgent.dll, as distributed in Chinagames iGame 2009, allows remote attackers to execute arbitrary code via a long argument to the CreateChinagames method, as exploited in the wild in April and May 2009. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED
by etirah · html · remote · windows
https://www.exploit-db.com/exploits/8758

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: ChinaGames CGAgent.dll (version unspecified)
No auth needed
Prerequisites: Victim must visit a malicious webpage hosting the exploit · ActiveX control must be installed and enabled
devstral-2 · analyzed Feb 16, 2026

References (6)

Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/34871
Exploit x_refsource_misc
http://www.cisrt.org/enblog/read.php?245
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/35005

Scores

EPSS: 0.0789
EPSS Percentile: 92.2%

Details

VulnCheck KEV: 2009-05-28
InTheWild.io: 2009-05-28
CWE: CWE-119
Status: published
Products (1): chinagames/igame 2009
Published: May 28, 2009
Tracked Since: Feb 18, 2026