Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple buffer overflows in the Provideo ActiveX controls allow remote attackers to execute arbitrary code via crafted input fields, as demonstrated by (1) a long strIp argument to the voice method in 2way.dll in the alarm 1.0.3.1 ActiveX control, (2) a network response to AXPlayer.ocx in the GMAXPlayer 2.0.8.2 ActiveX control, the (3) UserName or (4) Password parameter to AXPlayer.ocx in the GMAXPlayer 2.0.8.2 ActiveX control, (5) a long Id parameter to the GetString method in PAxPlayer.ocx in the PAxPlayer 3.0.0.9 ActiveX control, or (6) a long strAdr parameter to the ConnectIPCam method in PAxPlayer.ocx in the PAxPlayer 3.0.0.9 ActiveX control.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Provideo ActiveX控件多个缓冲区溢出漏洞
Vulnerability Description
Provideo提供一系列监控产品。 Provideo ActiveX控件中存在多个缓冲区溢出漏洞。远程攻击者可利用此漏洞在使用ActiveX控件的应用程序中执行任意代码,造成拒绝服务。 (1)在处理“voice()”方法时,alarm ActiveX控件(2way.dll)中存在边界错误,通过超长的“strIp”参数可造成栈缓冲区溢出; (2)从通过“URL”和“CtrlPort”对象参数指定的设备连接接收网络响应时,GMAXPlayer ActiveX控件中存在边界条件,可造成栈缓冲区溢出; (3)在
CVSS Information
N/A
Vulnerability Type
N/A