cvelistv5 - CVE-2012-0284

CVE-2012-0284 (GCVE-0-2012-0284)

Vulnerability from cvelistv5

Published

2012-07-19 15:00

Modified

2024-08-06 18:23

Severity ?

CWE

Summary

References

URL

Tags

PSIRT-CNA@flexerasoftware.com	http://archives.neohapsis.com/archives/bugtraq/2012-07/0113.html	Broken Link
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2012-25/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/bid/54588	Third Party Advisory, VDB Entry
PSIRT-CNA@flexerasoftware.com	http://www.securitytracker.com/id?1027259	Third Party Advisory, VDB Entry
PSIRT-CNA@flexerasoftware.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/77085
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2012-07/0113.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2012-25/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/54588	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1027259	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/77085

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:23:29.190Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2012-25/"
          },
          {
            "name": "cisco-linksys-activex-bo(77085)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77085"
          },
          {
            "name": "20120717 Secunia Research: Cisco Linksys PlayerPT ActiveX Control \"SetSource()\" Buffer Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/0113.html"
          },
          {
            "name": "54588",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/54588"
          },
          {
            "name": "1027259",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1027259"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-07-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the SetSource method in the Cisco Linksys PlayerPT ActiveX control 1.0.0.15 in PlayerPT.ocx on the Cisco WVC200 Wireless-G PTZ Internet video camera allows remote attackers to execute arbitrary code via a long URL in the first argument (aka the sURL argument)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "shortName": "flexera"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2012-25/"
        },
        {
          "name": "cisco-linksys-activex-bo(77085)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77085"
        },
        {
          "name": "20120717 Secunia Research: Cisco Linksys PlayerPT ActiveX Control \"SetSource()\" Buffer Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/0113.html"
        },
        {
          "name": "54588",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/54588"
        },
        {
          "name": "1027259",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1027259"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2012-0284",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the SetSource method in the Cisco Linksys PlayerPT ActiveX control 1.0.0.15 in PlayerPT.ocx on the Cisco WVC200 Wireless-G PTZ Internet video camera allows remote attackers to execute arbitrary code via a long URL in the first argument (aka the sURL argument)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://secunia.com/secunia_research/2012-25/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2012-25/"
            },
            {
              "name": "cisco-linksys-activex-bo(77085)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77085"
            },
            {
              "name": "20120717 Secunia Research: Cisco Linksys PlayerPT ActiveX Control \"SetSource()\" Buffer Overflow",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/0113.html"
            },
            {
              "name": "54588",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/54588"
            },
            {
              "name": "1027259",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1027259"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
    "assignerShortName": "flexera",
    "cveId": "CVE-2012-0284",
    "datePublished": "2012-07-19T15:00:00",
    "dateReserved": "2011-12-30T00:00:00",
    "dateUpdated": "2024-08-06T18:23:29.190Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2012-0284\",\"sourceIdentifier\":\"PSIRT-CNA@flexerasoftware.com\",\"published\":\"2012-07-19T15:55:02.673\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Stack-based buffer overflow in the SetSource method in the Cisco Linksys PlayerPT ActiveX control 1.0.0.15 in PlayerPT.ocx on the Cisco WVC200 Wireless-G PTZ Internet video camera allows remote attackers to execute arbitrary code via a long URL in the first argument (aka the sURL argument).\"},{\"lang\":\"es\",\"value\":\"Un desbordamiento de b\u00fafer basado en pila en el m\u00e9todo SetSource en el control ActiveX Cisco Linksys PlayerPT v1.0.0.15 en PlayerPT.ocx en la c\u00e1mara de v\u00eddeo de Internet Cisco WVC200 Wireless-G PTZ, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una URL demasiado larga en el primer argumento (argumento sURL).\\r\\n\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:linksys_playerpt_activex_control:1.0.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB2B3F70-9638-4E78-B097-6BFAAD522094\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:wvc200_wireless-g_ptz_internet_video_camera:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1604FF3-C704-440E-AD72-4E5A3440F9DF\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2012-07/0113.html\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/secunia_research/2012-25/\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/54588\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1027259\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/77085\",\"source\":\"PSIRT-CNA@flexerasoftware.com\"},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2012-07/0113.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/secunia_research/2012-25/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/54588\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1027259\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/77085\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

fkie_cve-2012-0284

Vulnerability from fkie_nvd

Published

2012-07-19 15:55

Modified

2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
PSIRT-CNA@flexerasoftware.com	http://archives.neohapsis.com/archives/bugtraq/2012-07/0113.html	Broken Link
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2012-25/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/bid/54588	Third Party Advisory, VDB Entry
PSIRT-CNA@flexerasoftware.com	http://www.securitytracker.com/id?1027259	Third Party Advisory, VDB Entry
PSIRT-CNA@flexerasoftware.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/77085
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2012-07/0113.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2012-25/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/54588	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1027259	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/77085

Impacted products

	Vendor	Product	Version
	cisco	linksys_playerpt_activex_control	1.0.0.15
	cisco	wvc200_wireless-g_ptz_internet_video_camera	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:linksys_playerpt_activex_control:1.0.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB2B3F70-9638-4E78-B097-6BFAAD522094",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:wvc200_wireless-g_ptz_internet_video_camera:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1604FF3-C704-440E-AD72-4E5A3440F9DF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the SetSource method in the Cisco Linksys PlayerPT ActiveX control 1.0.0.15 in PlayerPT.ocx on the Cisco WVC200 Wireless-G PTZ Internet video camera allows remote attackers to execute arbitrary code via a long URL in the first argument (aka the sURL argument)."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer basado en pila en el m\u00e9todo SetSource en el control ActiveX Cisco Linksys PlayerPT v1.0.0.15 en PlayerPT.ocx en la c\u00e1mara de v\u00eddeo de Internet Cisco WVC200 Wireless-G PTZ, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una URL demasiado larga en el primer argumento (argumento sURL).\r\n"
    }
  ],
  "id": "CVE-2012-0284",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2012-07-19T15:55:02.673",
  "references": [
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/0113.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2012-25/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/54588"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1027259"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77085"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/0113.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2012-25/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/54588"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1027259"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77085"
    }
  ],
  "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Stack-based buffer overflow in the SetSource method in the Cisco Linksys PlayerPT ActiveX control 1.0.0.15 in PlayerPT.ocx on the Cisco WVC200 Wireless-G PTZ Internet video camera allows remote attackers to execute arbitrary code via a long URL in the first argument (aka the sURL argument). Cisco Linksys PlayerPT ActiveX Control is prone to a buffer-overflow vulnerability because the application fails to adequately check boundaries on user-supplied input. An attacker can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions. Cisco Linksys PlayerPT 1.0.0.15 is vulnerable; other versions may also be affected.

====================================================================== 2) Severity

Rating: Highly critical Impact: System compromise Where: Remote

====================================================================== 3) Description of Vulnerability

Secunia Research has discovered a vulnerability in Cisco Linksys PlayerPT ActiveX Control, which can be exploited by malicious people to compromise a user's system. The ActiveX control is marked safe-for-scripting and one of the provided methods is: "SetSource()", which is used to set the source of the footage to view. The method accepts five string arguments where the first ("sURL") is the URL to the footage.

When a web page instantiates the ActiveX control and invokes the "SetSource()" method, the function in PlayerPT.ocx responsible for handling this method is called. The function performs various checks on the supplied arguments including a check to determine if the "sFrameType" string (2nd argument) is set to "mpeg". If so, the function searches for and strips "img/video.asf" from the provided URL in the "sURL" argument; if not, "img/mjpeg.cgi" is used.

The URL is stored to a CString object and URLs to various resources are crafted based on the base URL including an URL to the "img/query.cgi" resource. Later, this URL is copied into a 256 byte stack buffer via a call to sprintf() without performing any size checks. This can be exploited to cause a stack-based buffer overflow via an overly long, specially crafted URL.

Successful exploitation allows execution of arbitrary code.

====================================================================== 4) Solution

According to the vendor, the ActiveX control is bundled only with products considered EOL and, therefore, itself considered EOL. The vendor is currently working on getting the kill-bit set.

As a workaround, set the kill-bit for the following CLSID: * {9E065E4A-BD9D-4547-8F90-985DC62A5591}

====================================================================== 5) Time Table

23/03/2012 - Vulnerability discovered while analysing public report of similar vulnerability (SA48543#1). 23/03/2012 - Vendor notified. 02/04/2012 - Vendor response (WVC200 product bundling the ActiveX control has become EOL). 03/04/2012 - Vendor informed that ActiveX control should have kill-bit set if considered EOL and asked to confirm that no currently supported products bundle it. 13/04/2012 - Status update requested. 15/04/2012 - Vendor response (currently checking which products bundle the ActiveX control and looking into setting kill-bit). 21/06/2012 - Status update requested. 13/07/2012 - Status update requested. 13/07/2012 - Vendor response (determined that no supported products bundle the vulnerable ActiveX control and looking into setting kill-bit). 17/07/2012 - Public disclosure.

====================================================================== 6) Credits

Discovered by Carsten Eiram, Secunia Research.

====================================================================== 7) References

The Common Vulnerabilities and Exposures (CVE) project has assigned CVE-2012-0284 for the vulnerability.

====================================================================== 8) About Secunia

Secunia offers vulnerability management solutions to corporate customers with verified and reliable vulnerability intelligence relevant to their specific system configuration:

http://secunia.com/advisories/business_solutions/

Secunia also provides a publicly accessible and comprehensive advisory database as a service to the security community and private individuals, who are interested in or concerned about IT-security.

http://secunia.com/advisories/

Secunia believes that it is important to support the community and to do active vulnerability research in order to aid improving the security and reliability of software in general:

http://secunia.com/secunia_research/

Secunia regularly hires new skilled team members. Check the URL below to see currently vacant positions:

http://secunia.com/corporate/jobs/

Secunia offers a FREE mailing list called Secunia Security Advisories:

http://secunia.com/advisories/mailing_lists/

====================================================================== 9) Verification

Please verify this advisory by visiting the Secunia website: http://secunia.com/secunia_research/2012-25/

Complete list of vulnerability reports published by Secunia Research: http://secunia.com/secunia_research/

======================================================================

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201207-0320",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "linksys playerpt activex control",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "cisco",
        "version": "1.0.0.15"
      },
      {
        "model": "wireless-g ptz internet video camera wvc200",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "54588"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003237"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201207-391"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-0284"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:cisco:linksys_playerpt_activex_control",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003237"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Carsten Eiram",
    "sources": [
      {
        "db": "BID",
        "id": "54588"
      },
      {
        "db": "PACKETSTORM",
        "id": "114807"
      }
    ],
    "trust": 0.4
  },
  "cve": "CVE-2012-0284",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2012-0284",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.9,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "VHN-53565",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2012-0284",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2012-0284",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201207-391",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-53565",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2012-0284",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-53565"
      },
      {
        "db": "VULMON",
        "id": "CVE-2012-0284"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003237"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201207-391"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-0284"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Stack-based buffer overflow in the SetSource method in the Cisco Linksys PlayerPT ActiveX control 1.0.0.15 in PlayerPT.ocx on the Cisco WVC200 Wireless-G PTZ Internet video camera allows remote attackers to execute arbitrary code via a long URL in the first argument (aka the sURL argument). Cisco Linksys PlayerPT ActiveX Control is prone to a buffer-overflow vulnerability because the application fails to adequately check boundaries on user-supplied input. \nAn attacker can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer).  Failed attacks will likely cause denial-of-service conditions. \nCisco Linksys PlayerPT 1.0.0.15 is vulnerable; other versions may also be affected. \n\n====================================================================== \n2) Severity \n\nRating: Highly critical\nImpact: System compromise\nWhere:  Remote\n\n====================================================================== \n3) Description of Vulnerability\n\nSecunia Research has discovered a vulnerability in Cisco Linksys \nPlayerPT ActiveX Control, which can be exploited by malicious people \nto compromise a user\u0027s system. The ActiveX control is \nmarked safe-for-scripting and one of the provided methods is: \n\"SetSource()\", which is used to set the source of the footage to view. \nThe method accepts five string arguments where the first (\"sURL\") is \nthe URL to the footage. \n\nWhen a web page instantiates the ActiveX control and invokes the \n\"SetSource()\" method, the function in PlayerPT.ocx responsible for \nhandling this method is called. The function performs various checks \non the supplied arguments including a check to determine if the \n\"sFrameType\" string (2nd argument) is set to \"mpeg\". If so, the \nfunction searches for and strips \"img/video.asf\" from the provided URL\nin the \"sURL\" argument; if not, \"img/mjpeg.cgi\" is used. \n\nThe URL is stored to a CString object and URLs to various resources \nare crafted based on the base URL including an URL to the \n\"img/query.cgi\" resource. Later, this URL is copied into a 256 byte \nstack buffer via a call to sprintf() without performing any size \nchecks. This can be exploited to cause a stack-based buffer overflow \nvia an overly long, specially crafted URL. \n\nSuccessful exploitation allows execution of arbitrary code. \n\n====================================================================== \n4) Solution \n\nAccording to the vendor, the ActiveX control is bundled only with \nproducts considered EOL and, therefore, itself considered EOL. The \nvendor is currently working on getting the kill-bit set. \n\nAs a workaround, set the kill-bit for the following CLSID:\n* {9E065E4A-BD9D-4547-8F90-985DC62A5591}\n\n====================================================================== \n5) Time Table \n\n23/03/2012 - Vulnerability discovered while analysing public report of \n             similar vulnerability (SA48543#1). \n23/03/2012 - Vendor notified. \n02/04/2012 - Vendor response (WVC200 product bundling the ActiveX \n             control has become EOL). \n03/04/2012 - Vendor informed that ActiveX control should have kill-bit \n             set if considered EOL and asked to confirm that no \n             currently supported products bundle it. \n13/04/2012 - Status update requested. \n15/04/2012 - Vendor response (currently checking which products bundle\n             the ActiveX control and looking into setting kill-bit). \n21/06/2012 - Status update requested. \n13/07/2012 - Status update requested. \n13/07/2012 - Vendor response (determined that no supported products \n             bundle the vulnerable ActiveX control and looking into \n             setting kill-bit). \n17/07/2012 - Public disclosure. \n\n====================================================================== \n6) Credits \n\nDiscovered by Carsten Eiram, Secunia Research. \n\n====================================================================== \n7) References\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned \nCVE-2012-0284 for the vulnerability. \n\n====================================================================== \n8) About Secunia\n\nSecunia offers vulnerability management solutions to corporate\ncustomers with verified and reliable vulnerability intelligence\nrelevant to their specific system configuration:\n\nhttp://secunia.com/advisories/business_solutions/\n\nSecunia also provides a publicly accessible and comprehensive advisory\ndatabase as a service to the security community and private \nindividuals, who are interested in or concerned about IT-security. \n\nhttp://secunia.com/advisories/\n\nSecunia believes that it is important to support the community and to\ndo active vulnerability research in order to aid improving the \nsecurity and reliability of software in general:\n\nhttp://secunia.com/secunia_research/\n\nSecunia regularly hires new skilled team members. Check the URL below\nto see currently vacant positions:\n\nhttp://secunia.com/corporate/jobs/\n\nSecunia offers a FREE mailing list called Secunia Security Advisories:\n\nhttp://secunia.com/advisories/mailing_lists/\n\n====================================================================== \n9) Verification \n\nPlease verify this advisory by visiting the Secunia website:\nhttp://secunia.com/secunia_research/2012-25/\n\nComplete list of vulnerability reports published by Secunia Research:\nhttp://secunia.com/secunia_research/\n\n======================================================================\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-0284"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003237"
      },
      {
        "db": "BID",
        "id": "54588"
      },
      {
        "db": "VULHUB",
        "id": "VHN-53565"
      },
      {
        "db": "VULMON",
        "id": "CVE-2012-0284"
      },
      {
        "db": "PACKETSTORM",
        "id": "114807"
      }
    ],
    "trust": 2.16
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=20202",
        "trust": 0.2,
        "type": "exploit"
      },
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-53565",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-53565"
      },
      {
        "db": "VULMON",
        "id": "CVE-2012-0284"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-0284",
        "trust": 3.0
      },
      {
        "db": "BID",
        "id": "54588",
        "trust": 1.5
      },
      {
        "db": "SECTRACK",
        "id": "1027259",
        "trust": 1.2
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003237",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201207-391",
        "trust": 0.7
      },
      {
        "db": "NSFOCUS",
        "id": "20194",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "114807",
        "trust": 0.2
      },
      {
        "db": "EXPLOIT-DB",
        "id": "20202",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "115237",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "18641",
        "trust": 0.1
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-74089",
        "trust": 0.1
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-72707",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-53565",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2012-0284",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-53565"
      },
      {
        "db": "VULMON",
        "id": "CVE-2012-0284"
      },
      {
        "db": "BID",
        "id": "54588"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003237"
      },
      {
        "db": "PACKETSTORM",
        "id": "114807"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201207-391"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-0284"
      }
    ]
  },
  "id": "VAR-201207-0320",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-53565"
      }
    ],
    "trust": 0.7
  },
  "last_update_date": "2024-11-23T22:56:43.392000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Cisco WVC200 Wireless-G PTZ Internet Video Camera - Audio",
        "trust": 0.8,
        "url": "http://www.cisco.com/en/US/products/ps9946/index.html"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.cisco.com/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003237"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-53565"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003237"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-0284"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "http://secunia.com/secunia_research/2012-25/"
      },
      {
        "trust": 1.3,
        "url": "http://www.securityfocus.com/bid/54588"
      },
      {
        "trust": 1.2,
        "url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/0113.html"
      },
      {
        "trust": 1.2,
        "url": "http://www.securitytracker.com/id?1027259"
      },
      {
        "trust": 1.2,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77085"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0284"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-0284"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/20194"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/119.html"
      },
      {
        "trust": 0.1,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=26433"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.exploit-db.com/exploits/20202/"
      },
      {
        "trust": 0.1,
        "url": "https://www.rapid7.com/db/modules/exploit/windows/browser/cisco_playerpt_setsource_surl"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_research/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/corporate/jobs/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/mailing_lists/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/business_solutions/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0284"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-53565"
      },
      {
        "db": "VULMON",
        "id": "CVE-2012-0284"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003237"
      },
      {
        "db": "PACKETSTORM",
        "id": "114807"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201207-391"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-0284"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-53565"
      },
      {
        "db": "VULMON",
        "id": "CVE-2012-0284"
      },
      {
        "db": "BID",
        "id": "54588"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003237"
      },
      {
        "db": "PACKETSTORM",
        "id": "114807"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201207-391"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-0284"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-07-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-53565"
      },
      {
        "date": "2012-07-19T00:00:00",
        "db": "VULMON",
        "id": "CVE-2012-0284"
      },
      {
        "date": "2012-07-17T00:00:00",
        "db": "BID",
        "id": "54588"
      },
      {
        "date": "2012-07-23T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-003237"
      },
      {
        "date": "2012-07-17T21:36:33",
        "db": "PACKETSTORM",
        "id": "114807"
      },
      {
        "date": "2012-07-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201207-391"
      },
      {
        "date": "2012-07-19T15:55:02.673000",
        "db": "NVD",
        "id": "CVE-2012-0284"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-08-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-53565"
      },
      {
        "date": "2017-08-29T00:00:00",
        "db": "VULMON",
        "id": "CVE-2012-0284"
      },
      {
        "date": "2012-07-17T00:00:00",
        "db": "BID",
        "id": "54588"
      },
      {
        "date": "2012-07-23T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-003237"
      },
      {
        "date": "2012-07-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201207-391"
      },
      {
        "date": "2024-11-21T01:34:43.157000",
        "db": "NVD",
        "id": "CVE-2012-0284"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201207-391"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Linksys PlayerPT ActiveX Stack-based buffer overflow vulnerability in Control",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003237"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201207-391"
      }
    ],
    "trust": 0.6
  }
}

ghsa-3fwh-jp92-hm8g

Vulnerability from github

Published

2022-05-04 00:29

Modified

2025-04-11 03:59

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2012-0284"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-07-19T15:55:00Z",
    "severity": "HIGH"
  },
  "details": "Stack-based buffer overflow in the SetSource method in the Cisco Linksys PlayerPT ActiveX control 1.0.0.15 in PlayerPT.ocx on the Cisco WVC200 Wireless-G PTZ Internet video camera allows remote attackers to execute arbitrary code via a long URL in the first argument (aka the sURL argument).",
  "id": "GHSA-3fwh-jp92-hm8g",
  "modified": "2025-04-11T03:59:34Z",
  "published": "2022-05-04T00:29:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0284"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77085"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/0113.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/secunia_research/2012-25"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/54588"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1027259"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

gsd-2012-0284

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Aliases

CVE-2012-0284

Aliases

CVE-2012-0284

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2012-0284",
    "description": "Stack-based buffer overflow in the SetSource method in the Cisco Linksys PlayerPT ActiveX control 1.0.0.15 in PlayerPT.ocx on the Cisco WVC200 Wireless-G PTZ Internet video camera allows remote attackers to execute arbitrary code via a long URL in the first argument (aka the sURL argument).",
    "id": "GSD-2012-0284",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2012-0284"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2012-0284"
      ],
      "details": "Stack-based buffer overflow in the SetSource method in the Cisco Linksys PlayerPT ActiveX control 1.0.0.15 in PlayerPT.ocx on the Cisco WVC200 Wireless-G PTZ Internet video camera allows remote attackers to execute arbitrary code via a long URL in the first argument (aka the sURL argument).",
      "id": "GSD-2012-0284",
      "modified": "2023-12-13T01:20:14.063647Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
        "ID": "CVE-2012-0284",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Stack-based buffer overflow in the SetSource method in the Cisco Linksys PlayerPT ActiveX control 1.0.0.15 in PlayerPT.ocx on the Cisco WVC200 Wireless-G PTZ Internet video camera allows remote attackers to execute arbitrary code via a long URL in the first argument (aka the sURL argument)."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://secunia.com/secunia_research/2012-25/",
            "refsource": "MISC",
            "url": "http://secunia.com/secunia_research/2012-25/"
          },
          {
            "name": "cisco-linksys-activex-bo(77085)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77085"
          },
          {
            "name": "20120717 Secunia Research: Cisco Linksys PlayerPT ActiveX Control \"SetSource()\" Buffer Overflow",
            "refsource": "BUGTRAQ",
            "url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/0113.html"
          },
          {
            "name": "54588",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/54588"
          },
          {
            "name": "1027259",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1027259"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:linksys_playerpt_activex_control:1.0.0.15:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:wvc200_wireless-g_ptz_internet_video_camera:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2012-0284"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the SetSource method in the Cisco Linksys PlayerPT ActiveX control 1.0.0.15 in PlayerPT.ocx on the Cisco WVC200 Wireless-G PTZ Internet video camera allows remote attackers to execute arbitrary code via a long URL in the first argument (aka the sURL argument)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://secunia.com/secunia_research/2012-25/",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/secunia_research/2012-25/"
            },
            {
              "name": "20120717 Secunia Research: Cisco Linksys PlayerPT ActiveX Control \"SetSource()\" Buffer Overflow",
              "refsource": "BUGTRAQ",
              "tags": [
                "Broken Link"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/0113.html"
            },
            {
              "name": "54588",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/54588"
            },
            {
              "name": "1027259",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id?1027259"
            },
            {
              "name": "cisco-linksys-activex-bo(77085)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77085"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2017-08-29T01:30Z",
      "publishedDate": "2012-07-19T15:55Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2012-0284 (GCVE-0-2012-0284)

Vulnerability from cvelistv5

fkie_cve-2012-0284

Vulnerability from fkie_nvd

var-201207-0320

Vulnerability from variot

ghsa-3fwh-jp92-hm8g

Vulnerability from github

gsd-2012-0284

Vulnerability from gsd

Tags

Sightings

Nomenclature