OSVDB ID: 36820

Title: Logitech VideoCall WebCamXMP ActiveX (wcamxmp.dll) Start() Method Overflow

Info

Disclosure

Jun 01, 2007

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

A buffer overflow exists in VideoCall. The WebCamXMP ActiveX control fails to validate data passed to the Start() method resulting in a stack overflow. With a specially crafted website, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote / Network Access, Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Public
OSVDB: Web Related

Solution

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: set the kill-bit on the WebCamXMP ActiveX Control (CLSID {bf4c7b03-f381-4544-9a33-cb6dad2a87cd}). See Microsoft KB article 240797 for more details.

Products

Logitech

WebCamXMP ActiveX Control

2.0.3470.448

References

CVE ID: 2007-2918 (see also: NVD)
Bugtraq ID: 24254
Secunia Advisory ID: 25514
CERT VU: 330289
ISS X-Force ID: 34658
Metasploit ID: 36820
Related OSVDB ID: 36821 36822 36823 36824
VUPEN Advisory: ADV-2007-2018

Credit

Will Dormann - -

Direct URL: http://osvdb.org/36820