TRENDnet TV-IP121WN ActiveX Control 'OpenFileDlg()' Method Buffer Overflow Vulnerability

Bugtraq ID:	52760
Class:	Boundary Condition Error
CVE:	CVE-2012-4876
Remote:	Yes
Local:	No
Published:	Mar 28 2012 12:00AM
Updated:	Mar 19 2015 07:35AM
Credit:	nospam
Vulnerable:	Trendnet TV-IP121WN 0
Not Vulnerable:

TRENDnet TV-IP121WN ActiveX Control 'OpenFileDlg()' Method Buffer Overflow Vulnerability

TRENDnet TV-IP121WN is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.

An attacker can exploit this issue to execute arbitrary code within the context of the application, typically Internet Explorer, that uses the ActiveX control. Failed exploit attempts will result in denial-of-service conditions.

TRENDnet TV-IP121WN ActiveX Control 'OpenFileDlg()' Method Buffer Overflow Vulnerability

An attacker may exploit this issue by enticing a victim into visiting a malicious webpage.

The following example exploits are available:

• /data/vulnerabilities/exploits/52760.htm
• /data/vulnerabilities/exploits/52760.rb

TRENDnet TV-IP121WN ActiveX Control 'OpenFileDlg()' Method Buffer Overflow Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

TRENDnet TV-IP121WN ActiveX Control 'OpenFileDlg()' Method Buffer Overflow Vulnerability

References:

• Microsoft Knowledge Base Article 240797 (Microsoft)
  
• TV-IP121WN Homepage (Trendnet)
  
• TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam ActiveX Contro (nospam)
  
• TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam ActiveX Contro (nospam)