OSVDB ID: 54458 Title: D-Link MPEG4 Viewer ActiveX (csviewer.ocx) Multiple Method Overflows |
Info |
|
|
Dates |
||||
|
|
Description |
A buffer overflow exists in D-Link MPEG4 Viewer Active X Control. csviewer.ocx fails to validate data passed to the SetFilePath() and SetClientCookie() methods leading to a heap overflow. With a specially crafted web site, a context-dependent attacker can cause arbitrary code execution resulting in a loss of availability. |
Classification |
Location:
Remote / Network Access,
Local / Remote,
Context Dependent
Attack Type: Input Manipulation Impact: Loss of Integrity OSVDB: Web Related |
Solution |
Currently, there are no known upgrades, patches, or workarounds available to correct this issue. |
Products |
Unknown or Incomplete |
References |
Credit |
|