Dell Webcam 'crazytalk4.ocx' ActiveX Multiple BOF Vulnerabilities Network Vulnerability

Summary

This host is installed with Dell Webcam and is prone to multiple buffer overflow vulnerabilities.

Impact

Successful exploitation will allow remote attackers to execute arbitrary code in the context of the application using the ActiveX control. Impact Level: System/Application

Solution

No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.

Insight

The flaws are due to boundary error when processing user-supplied input.

Affected

Dell Webcam

References

http://www.exploit-db.com/exploits/18621/
http://www.securityfocus.com/bid/52560/
http://www.securityfocus.com/bid/52571/

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

ALLMediaServer Request Handling Buffer Overflow Vulnerability
Adobe Audition '.ses' Multiple Buffer Overflow Vulnerabilities (Windows)
Apple Safari 'CSS' Buffer Overflow Vulnerability (Win) - Dec09
Adobe Flash Professional JPG Object Processing BOF Vulnerability (Mac OS X)
Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability (Win)

Take action and discover your vulnerabilities