Baidu Soba Search Bar BaiduBar.DLL ActiveX Control Remote Code Execution Vulnerability

info
discussion
exploit
solution
references

Baidu Soba Search Bar BaiduBar.DLL ActiveX Control Remote Code Execution Vulnerability

To exploit this issue, an attacker must entice an unsuspecting user to view a maliciously crafted web page.

UPDATE (October 3, 2007): Further investigation indicates that this issue is being actively exploited in the wild.

The following exploit code is available:

/data/vulnerabilities/exploits/25121.html