Buffer overflow in the INetViewX ActiveX control in the Lorex Edge LH310 and Edge+ LH320 series with firmware 7-35-28-1B26E, Edge2 LH330 series with firmware 11.17.38-33_1D97A, and Edge3 LH340 series with firmware 11.19.85_1FE3A allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the HTTP_PORT parameter.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Information
Published : 2014-01-15 08:08
Updated : 2018-10-09 12:42
NVD link : CVE-2014-1201
Mitre link : CVE-2014-1201
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
lorextechnology
- edge
- edge\+
- edge2
- edge3
lorex_technology
- edge2_lh330_firmware
- edge_lh310_firmware
- edge\+_lh320_firmware
- edge3_lh340_firmware