CyberSec.Space Logo
Back to CVE Browser

CVE-2008-6444

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1350%
EPSS Percentile14.24th
PublishedMar 9, 2009
Last ModifiedApr 23, 2026

Vulnerability Description

Stack-based buffer overflow in CSTransfer.dll in Baidu Hi IM might allow remote attackers to execute arbitrary code via a crafted packet, probably related to an improper length value.

Affected Platforms (CPE)

πŸ“¦
Baidu

Baidu Hi

All versions

References & Advisories

πŸ”— http://osvdb.org/51696
πŸ”— http://www.securityfocus.com/archive/1/496322/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/31162
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/45117
πŸ”— http://osvdb.org/51696
πŸ”— http://www.securityfocus.com/archive/1/496322/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/31162
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/45117

Related Vulnerabilities

CVE-2020-54999.8

Baidu Rust SGX SDK through 1.0.8 has an enclave ID race. There are non-deterministic results in which, sometimes, two global IDs a...

CVE-2007-41059.3

A certain ActiveX control in BaiduBar.dll in Baidu Soba Search Bar 5.4 allows remote attackers to execute arbitrary code via a req...

CVE-2021-443028.8

BaiCloud-cms v2.5.7 was discovered to contain multiple SQL injection vulnerabilities via the tongji and baidu_map parameters in /u...

CVE-2016-106978.1

react-native-baidu-voice-synthesizer is a baidu voice speech synthesizer for react native. react-native-baidu-voice-synthesizer do...