Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-10011

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2014-10011
Last Modified 14 Jan 2015 08:39:04
Published 13 Jan 2015 06:59:20
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-10011

Summary

Stack-based buffer overflow in UltraCamLib in the UltraCam ActiveX Control (UltraCamX.ocx) for the TRENDnet SecurView camera TV-IP422WN allows remote attackers to execute arbitrary code via a long string to the (1) CGI_ParamSet, (2) OpenFileDlg, (3) SnapFileName, (4) Password, (5) SetCGIAPNAME, (6) AccountCode, or (7) RemoteHost function.

Vulnerable Systems


References

XF - trendnet-tvip422wn-bo(98948)

MISC - http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5211.php

MISC - http://www.zeroscience.mk/codes/trendnet_bof.txt

BID - 71292

MISC - http://packetstormsecurity.com/files/129262/TRENDnet-SecurView-Wireless-Network-Camera-TV-IP422WN-Buffer-Overflow.html


Last Updated: 27 May 2016 11:07:32