PT-2015-5605 · Webgate · Webgate Edvr Manager

Rgod

Publicado

2015-02-27

Atualizado

2021-08-03

CVE-2015-2098

CVSS v2.0

6.8

Média

Vetor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions WebGate eDVR Manager (affected versions not specified)

Description The issue allows remote attackers to execute arbitrary code via unspecified vectors to various functions and properties in the WebGate eDVR Manager controls, including the Connect, ConnectEx, and ConnectEx2 functions in the WESPEvent.WESPEventCtrl.1 control, the AudioOnlySiteChannel function in the WESPPlayback.WESPPlaybackCtrl.1 control, and the OpenDVrSSite function in the WESPPTZ.WESPPTZCtrl.1 control. Additionally, the SiteChannel and SiteName properties in the WESPPlayback.WESPPlaybackCtrl.1 control are also affected. This is a result of multiple stack-based buffer overflows.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-120

Identificadores relacionados

CVE-2015-2098

ZDI-15-058

ZDI-15-060

ZDI-15-061

ZDI-15-064

ZDI-15-065

ZDI-15-066

Produtos afetados

Webgate Edvr Manager

PT-2015-5605 · Webgate · Webgate Edvr Manager

CVE-2015-2098

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 16