OSVDB ID: 80661

Title: TRENDnet SecurView TV-IP121WN ActiveX (UltraMJCamX.ocx) OpenFileDlg Method WideCharToMultiByte() Call Remote Overflow

Info

Disclosure

Mar 29, 2012

Discovery

Unknown

Dates

Exploit

Mar 28, 2012

Solution

Unknown

Description

SecurView is prone to an overflow condition related to the UltraMJCamX.ocx ActiveX control making an insecure WideCharToMultiByte() call. The 'OpenFileDlg()' method fails to properly sanitize user-supplied input resulting in a stack-based overflow. With a specially crafted overly long string, a remote attacker can potentially execute arbitrary code.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Solution Unknown
Exploit: Exploit Public
Disclosure: Uncoordinated Disclosure

Solution

OSVDB is not aware of a solution for this vulnerability.

Products

TRENDnet

SecurView

v1.0R

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/80661