Cisco Wireless-G PTZ Internet Video Camera WVC200 'PlayerPT.ocx' Buffer Overflow Vulnerability
BID:52673
Info
Cisco Wireless-G PTZ Internet Video Camera WVC200 'PlayerPT.ocx' Buffer Overflow Vulnerability
| Bugtraq ID: | 52673 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 22 2012 12:00AM |
| Updated: | Mar 22 2012 12:00AM |
| Credit: | rgod |
| Vulnerable: |
Cisco Wireless-G PTZ Internet Video Camera WVC200 1.0.0.15 |
| Not Vulnerable: | |
Discussion
Cisco Wireless-G PTZ Internet Video Camera WVC200 'PlayerPT.ocx' Buffer Overflow Vulnerability
Cisco Wireless-G PTZ Internet Video Camera WVC200 is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.
Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using an affected ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions.
Cisco Wireless-G PTZ Internet Video Camera WVC200 1.0.0.15 is vulnerable; other versions may also be affected.
Cisco Wireless-G PTZ Internet Video Camera WVC200 is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.
Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using an affected ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions.
Cisco Wireless-G PTZ Internet Video Camera WVC200 1.0.0.15 is vulnerable; other versions may also be affected.
Exploit / POC
Cisco Wireless-G PTZ Internet Video Camera WVC200 'PlayerPT.ocx' Buffer Overflow Vulnerability
To exploit this issue, an attacker must entice an unsuspecting user to view a specially crafted webpage.
The following proof-of-concept is available:
To exploit this issue, an attacker must entice an unsuspecting user to view a specially crafted webpage.
The following proof-of-concept is available:
Solution / Fix
Cisco Wireless-G PTZ Internet Video Camera WVC200 'PlayerPT.ocx' Buffer Overflow Vulnerability
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Cisco Wireless-G PTZ Internet Video Camera WVC200 'PlayerPT.ocx' Buffer Overflow Vulnerability
References:
References:
- Cisco Homepage (Cisco )