header-logo
Suggest Exploit
vendor:
ViaVideo
by:
SecurityFocus
8.8
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: ViaVideo
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Linux, Windows
2002

Buffer Overflow Vulnerability in ViaVideo

A buffer overflow vulnerability has been reported for ViaVideo. An attacker can exploit this vulnerability by issuing excessively long 'GET' requests to ViaVideo devices. This will cause an error in the 'vvws.dll' library and will cause the ViaVideo service to crash. Although unconfirmed, it may be possible for a remote attacker to exploit this issue to execute arbitrary system commands with the privileges of the ViaVideo process.

Mitigation:

Upgrade to the latest version of ViaVideo
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/5964/info

A buffer overflow vulnerability has been reported for ViaVideo.

An attacker can exploit this vulnerability by issuing excessively long 'GET' requests to ViaVideo devices. This will cause an error in the 'vvws.dll' library and will cause the ViaVideo service to crash.

Although unconfirmed, it may be possible for a remote attacker to exploit this issue to execute arbitrary system commands with the privileges of the ViaVideo process. 

perl -e 'print "GET " . "A" x 4132 . " HTTP/1.0\r\n\r\n";' | netcat 10.1.0.1 3603

Navigation

Suggest Exploit

Services By CQR