PT-2010-5370 · Camtron+1 · Camtron Cmnc-200+1
Published
2010-11-16
·
Updated
2018-10-10
·
CVE-2010-4230
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Camtron CMNC-200 Full HD IP Camera and TecVoz CMNC-200 Megapixel IP Camera with firmware 1.102A-008
Description
The issue is related to a stack-based buffer overflow in a certain ActiveX control. This allows remote attackers to execute arbitrary code via a long string in the first argument to the
connect method.Recommendations
For Camtron CMNC-200 Full HD IP Camera and TecVoz CMNC-200 Megapixel IP Camera with firmware 1.102A-008, consider disabling the
connect method until a patch is available. Restrict access to the affected ActiveX control to minimize the risk of exploitation.Exploit
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Camtron Cmnc-200
Tecvoz Cmnc-200