CVE-2012-0284

Related Files

Cisco Linksys PlayerPT ActiveX Control SetSource sURL argument Buffer Overflow

Posted Aug 3, 2012

Authored by Carsten Eiram, juan | Site metasploit.com

This Metasploit module exploits a vulnerability found in Cisco Linksys PlayerPT 1.0.0.15 as the installed with the web interface of Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera. The vulnerability, due to the insecure usage of sprintf in the SetSource method, when handling a specially crafted sURL argument, allows to trigger a stack based buffer overflow which leads to code execution under the context of the user visiting a malicious web page.

tags | exploit, web, overflow, code execution

systems | cisco

advisories | CVE-2012-0284

SHA-256 | 5a88ff9a13dc712f648150200591ec804a09cb0631600c4db7449f3c17604a4b

Download | Favorite | View

Cisco Linksys PlayerPT Active-X SetSource() Buffer Overflow

Posted Jul 17, 2012

Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Cisco Linksys PlayerPT ActiveX Control, which can be exploited by malicious people to compromise a user's system. Successful exploitation allows execution of arbitrary code. Cisco Linksys PlayerPT ActiveX Control version 1.0.0.15 is affected. Other versions may also be affected.

tags | advisory, overflow, arbitrary, activex

systems | cisco

advisories | CVE-2012-0284

SHA-256 | a88c10267158fe9cf2d434bc63948819deb102117186a70288596b16e3102081

Download | Favorite | View