exploitDog

CVE-2015-1000

Опубликовано: 05 июн. 2015

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Stack-based buffer overflow in the OpenForIPCamTest method in the RTSPVIDEO.rtspvideoCtrl.1 (aka SStreamVideo) ActiveX control in Moxa SoftCMS before 1.3 allows remote attackers to execute arbitrary code via the StrRtspPath parameter.

Ссылки

http://www.securityfocus.com/bid/74966
http://zerodayinitiative.com/advisories/ZDI-15-120/
https://ics-cert.us-cert.gov/advisories/ICSA-15-153-02
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/74966
http://zerodayinitiative.com/advisories/ZDI-15-120/
https://ics-cert.us-cert.gov/advisories/ICSA-15-153-02
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:moxa:softcms:*:*:*:*:*:*:*:*

Версия до 1.2 (включая)

EPSS

Процентиль: 87%

0.0358

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-9x6v-mq83-vx5v

github

больше 3 лет назад

Stack-based buffer overflow in the OpenForIPCamTest method in the RTSPVIDEO.rtspvideoCtrl.1 (aka SStreamVideo) ActiveX control in Moxa SoftCMS before 1.3 allows remote attackers to execute arbitrary code via the StrRtspPath parameter.

EPSS

Процентиль: 87%

0.0358

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-119