Buffer Overflow in Baidu Hi IM's CSTransfer.dll
CVE-2008-6444

Currently unrated

Key Information:

Vendor: Baidu
Status: Baidu Hi
Vendor: CVE Published:; 9 March 2009

What is CVE-2008-6444?

A stack-based buffer overflow vulnerability exists in the CSTransfer.dll component of Baidu Hi IM. This flaw can be exploited by remote attackers who send specially crafted packets to the application, potentially allowing them to execute arbitrary code on the affected system. The vulnerability stems from an improper length value being processed, making the software susceptible to attacks that could compromise system integrity and security.

References

http://www.securityfocus.com/archive/1/496322/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/31162

vdb-entryx_refsource_BID

http://osvdb.org/51696

vdb-entryx_refsource_OSVDB

EPSS Score

10% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 9, 2009
Vulnerability Reserved
Mar 9, 2009