var-200706-0390
Vulnerability from variot
Heap-based buffer overflow in the viewer ActiveX control in Sony Network Camera SNC-RZ25N before 1.30; SNC-P1 and SNC-P5 before 1.29; SNC-CS10 and SNC-CS11 before 1.06; SNC-DF40N and SNC-DF70N before 1.18; SNC-RZ50N and SNC-CS50N before 2.22; SNC-DF85N, SNC-DF80N, and SNC-DF50N before 1.12; and SNC-RX570N/W, SNC-RX570N/B, SNC-RX550N/W, SNC-RX550N/B, SNC-RX530N/W, and SNC-RX530N/B 3.00 and 2.x before 2.31; allows remote attackers to execute arbitrary code via a long first argument to the PrmSetNetworkParam method. The ActiveX Control for Sony SNC series network cameras is a software to monitor images over the network using a web browser. Failed exploit attempts likely result in denial-of-service conditions. ----------------------------------------------------------------------
Did you know? Our assessment and impact rating along with detailed information such as exploit code availability, or if an updated patch is released by the vendor, is not part of this mailing-list?
Click here to learn more about our commercial solutions: http://secunia.com/advisories/business_solutions/
Click here to trial our solutions: http://secunia.com/advisories/try_vi/
TITLE: Sony Network Camera ActiveX Control Buffer Overflow Vulnerability
SECUNIA ADVISORY ID: SA33968
VERIFY ADVISORY: http://secunia.com/advisories/33968/
DESCRIPTION: A vulnerability has been reported in the Sony Network Camera ActiveX control, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error and can be exploited to cause a buffer overflow.
Successful exploitation may allow execution of arbitrary code.
Please see vendor advisory for a list of products and firmware versions that include the affected ActiveX control.
SOLUTION: Update to a fixed version. See vendor advisory for more details.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: Sony: http://www.sony.jp/professional/News/info/pb20090223.html
OTHER REFERENCES: JVN: http://jvn.jp/jp/JVN16767117/index.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200706-0390",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "network camera snc-p5",
"scope": "eq",
"trust": 2.2,
"vendor": "sony",
"version": "1.0"
},
{
"model": "snc-cs10",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "prior to 1.06"
},
{
"model": "snc-cs11",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "prior to 1.06"
},
{
"model": "snc-cs50n",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "prior to 2.22"
},
{
"model": "snc-cs50p",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "prior to 2.22"
},
{
"model": "snc-df40n",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "prior to 1.18"
},
{
"model": "snc-df40p",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "prior to 1.18"
},
{
"model": "snc-df50n",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "prior to 1.12"
},
{
"model": "snc-df50p",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "prior to 1.12"
},
{
"model": "snc-df70n",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "prior to 1.18"
},
{
"model": "snc-df70p",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "prior to 1.18"
},
{
"model": "snc-df80n",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "prior to 1.12"
},
{
"model": "snc-df80p",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "prior to 1.12"
},
{
"model": "snc-df85n",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "prior to 1.12"
},
{
"model": "snc-df85p",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "prior to 1.12"
},
{
"model": "snc-p1",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "prior to 1.29"
},
{
"model": "snc-p5",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "prior to 1.29"
},
{
"model": "snc-rx530n",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "(b) 3.00 or prior to 2.31"
},
{
"model": "snc-rx530n",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "(w) 3.00 or prior to 2.31"
},
{
"model": "snc-rx530p",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "3.00 or prior to 2.31"
},
{
"model": "snc-rx550n",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "(b) 3.00 or prior to 2.31"
},
{
"model": "snc-rx550n",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "(w) 3.00 or prior to 2.31"
},
{
"model": "snc-rx550p",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "3.00 or prior to 2.31"
},
{
"model": "snc-rx570n",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "(b) 3.00 or prior to 2.31"
},
{
"model": "snc-rx570n",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "(w) 3.00 or prior to 2.31"
},
{
"model": "snc-rx570p",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "3.00 or prior to 2.31"
},
{
"model": "snc-rz25n",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "prior to 1.30"
},
{
"model": "snc-rz25p",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "prior to 1.30"
},
{
"model": "snc-rz50n",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "prior to 2.22"
},
{
"model": "snc-rz50p",
"scope": "eq",
"trust": 0.8,
"vendor": "sony",
"version": "prior to 2.22"
},
{
"model": "network camera snc-rz50n",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "2.21"
},
{
"model": "network camera snc-rz25n",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "1.29"
},
{
"model": "network camera snc-rx570n/w",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "3.0"
},
{
"model": "network camera snc-rx570n/w",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "2.30"
},
{
"model": "network camera snc-rx570n/b",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "3.0"
},
{
"model": "network camera snc-rx570n/b",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "2.30"
},
{
"model": "network camera snc-rx550n/w",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "3.0"
},
{
"model": "network camera snc-rx550n/w",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "2.30"
},
{
"model": "network camera snc-rx550n/b",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "3.0"
},
{
"model": "network camera snc-rx550n/b",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "2.30"
},
{
"model": "network camera snc-rx530n/w",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "3.0"
},
{
"model": "network camera snc-rx530n/w",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "2.30"
},
{
"model": "network camera snc-rx530n/b",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "3.0"
},
{
"model": "network camera snc-rx530n/b",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "2.30"
},
{
"model": "network camera snc-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "1.28"
},
{
"model": "network camera snc-p1",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "1.28"
},
{
"model": "network camera snc-df85n",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "1.11"
},
{
"model": "network camera snc-df80n",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "1.11"
},
{
"model": "network camera snc-df70n",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "1.17"
},
{
"model": "network camera snc-df50n",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "1.11"
},
{
"model": "network camera snc-df40n",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "1.17"
},
{
"model": "network camera snc-cs50n",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "2.21"
},
{
"model": "network camera snc-cs11",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "1.05"
},
{
"model": "network camera snc-cs10",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "1.05"
},
{
"model": "network camera snc-rz50n",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "2.22"
},
{
"model": "network camera snc-rz25n",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "1.30"
},
{
"model": "network camera snc-rx570n/w",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "3.01"
},
{
"model": "network camera snc-rx570n/w",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "2.31"
},
{
"model": "network camera snc-rx570n/b",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "3.01"
},
{
"model": "network camera snc-rx570n/b",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "2.31"
},
{
"model": "network camera snc-rx550n/w",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "3.01"
},
{
"model": "network camera snc-rx550n/w",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "2.31"
},
{
"model": "network camera snc-rx550n/b",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "3.01"
},
{
"model": "network camera snc-rx550n/b",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "2.31"
},
{
"model": "network camera snc-rx530n/w",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "3.01"
},
{
"model": "network camera snc-rx530n/w",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "2.31"
},
{
"model": "network camera snc-rx530n/b",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "3.01"
},
{
"model": "network camera snc-rx530n/b",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "2.31"
},
{
"model": "network camera snc-p5",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "1.29"
},
{
"model": "network camera snc-p1",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "1.29"
},
{
"model": "network camera snc-df85n",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "1.12"
},
{
"model": "network camera snc-df80n",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "1.12"
},
{
"model": "network camera snc-df70n",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "1.18"
},
{
"model": "network camera snc-df50n",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "1.12"
},
{
"model": "network camera snc-df40n",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "1.18"
},
{
"model": "network camera snc-cs50n",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "2.22"
},
{
"model": "network camera snc-cs11",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "1.06"
},
{
"model": "network camera snc-cs10",
"scope": "ne",
"trust": 0.3,
"vendor": "sony",
"version": "1.06"
}
],
"sources": [
{
"db": "BID",
"id": "33876"
},
{
"db": "BID",
"id": "24684"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-000012"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-528"
},
{
"db": "NVD",
"id": "CVE-2007-3488"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-cs10",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-cs11",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-cs50n",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-cs50p",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-df40n",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-df40p",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-df50n",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-df50p",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-df70n",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-df70p",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-df80n",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-df80p",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-df85n",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-df85p",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-p1",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-p5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-rx530n",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-rx530p",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-rx550n",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-rx550p",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-rx570n",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-rx570p",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-rz25n",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-rz25p",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-rz50n",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:sony_network_camera_snc-rz50p",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-000012"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "str0ke is credited with the discovery of this issue.",
"sources": [
{
"db": "BID",
"id": "24684"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-528"
}
],
"trust": 0.9
},
"cve": "CVE-2007-3488",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2007-3488",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2009-000012",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-26850",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-3488",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "IPA",
"id": "JVNDB-2009-000012",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200706-528",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-26850",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26850"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-000012"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-528"
},
{
"db": "NVD",
"id": "CVE-2007-3488"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in the viewer ActiveX control in Sony Network Camera SNC-RZ25N before 1.30; SNC-P1 and SNC-P5 before 1.29; SNC-CS10 and SNC-CS11 before 1.06; SNC-DF40N and SNC-DF70N before 1.18; SNC-RZ50N and SNC-CS50N before 2.22; SNC-DF85N, SNC-DF80N, and SNC-DF50N before 1.12; and SNC-RX570N/W, SNC-RX570N/B, SNC-RX550N/W, SNC-RX550N/B, SNC-RX530N/W, and SNC-RX530N/B 3.00 and 2.x before 2.31; allows remote attackers to execute arbitrary code via a long first argument to the PrmSetNetworkParam method. The ActiveX Control for Sony SNC series network cameras is a software to monitor images over the network using a web browser. Failed exploit attempts likely result in denial-of-service conditions. ----------------------------------------------------------------------\n\nDid you know? Our assessment and impact rating along with detailed\ninformation such as exploit code availability, or if an updated patch\nis released by the vendor, is not part of this mailing-list?\n \nClick here to learn more about our commercial solutions:\nhttp://secunia.com/advisories/business_solutions/\n \nClick here to trial our solutions:\nhttp://secunia.com/advisories/try_vi/\n\n----------------------------------------------------------------------\n\nTITLE:\nSony Network Camera ActiveX Control Buffer Overflow Vulnerability\n\nSECUNIA ADVISORY ID:\nSA33968\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/33968/\n\nDESCRIPTION:\nA vulnerability has been reported in the Sony Network Camera ActiveX\ncontrol, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\nThe vulnerability is caused due to an unspecified error and can be\nexploited to cause a buffer overflow. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nPlease see vendor advisory for a list of products and firmware\nversions that include the affected ActiveX control. \n\nSOLUTION:\nUpdate to a fixed version. See vendor advisory for more details. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nSony:\nhttp://www.sony.jp/professional/News/info/pb20090223.html\n\nOTHER REFERENCES:\nJVN:\nhttp://jvn.jp/jp/JVN16767117/index.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3488"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-000012"
},
{
"db": "BID",
"id": "33876"
},
{
"db": "BID",
"id": "24684"
},
{
"db": "VULHUB",
"id": "VHN-26850"
},
{
"db": "PACKETSTORM",
"id": "75135"
}
],
"trust": 2.34
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-26850",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26850"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2009-000012",
"trust": 3.3
},
{
"db": "JVN",
"id": "JVN16767117",
"trust": 2.9
},
{
"db": "NVD",
"id": "CVE-2007-3488",
"trust": 2.8
},
{
"db": "BID",
"id": "24684",
"trust": 2.8
},
{
"db": "OSVDB",
"id": "39479",
"trust": 2.5
},
{
"db": "EXPLOIT-DB",
"id": "4120",
"trust": 1.7
},
{
"db": "XF",
"id": "35133",
"trust": 1.4
},
{
"db": "CNNVD",
"id": "CNNVD-200706-528",
"trust": 0.7
},
{
"db": "MILW0RM",
"id": "4120",
"trust": 0.6
},
{
"db": "XF",
"id": "5",
"trust": 0.6
},
{
"db": "JVN",
"id": "JVN#16767117",
"trust": 0.6
},
{
"db": "BID",
"id": "33876",
"trust": 0.3
},
{
"db": "SECUNIA",
"id": "33968",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-64771",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-26850",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "75135",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26850"
},
{
"db": "BID",
"id": "33876"
},
{
"db": "BID",
"id": "24684"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-000012"
},
{
"db": "PACKETSTORM",
"id": "75135"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-528"
},
{
"db": "NVD",
"id": "CVE-2007-3488"
}
]
},
"id": "VAR-200706-0390",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-26850"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:58:32.914000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "List of Affected Sony Network Cameras",
"trust": 0.8,
"url": "http://pro.sony.com/bbsc/ssr/cat-securitycameras/resource.downloads.bbsccms-assets-cat-camsec-downloads-AffectedNetworkCameras.shtml"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-000012"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-000012"
},
{
"db": "NVD",
"id": "CVE-2007-3488"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/24684"
},
{
"trust": 2.5,
"url": "http://jvn.jp/en/jp/jvn16767117/index.html"
},
{
"trust": 2.5,
"url": "http://jvndb.jvn.jp/ja/contents/2009/jvndb-2009-000012.html"
},
{
"trust": 2.5,
"url": "http://osvdb.org/39479"
},
{
"trust": 1.7,
"url": "http://jvn.jp/en/jp/jvn16767117/041520/index.html"
},
{
"trust": 1.7,
"url": "http://pro.sony.com/bbsc/ssr/cat-securitycameras/resource.downloads.bbsccms-assets-cat-camsec-downloads-affectednetworkcameras.shtml"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/35133"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/4120"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35133"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3488"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/english/vuln/200902_sonysnc_en.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3488"
},
{
"trust": 0.6,
"url": "http://www.sony.com"
},
{
"trust": 0.6,
"url": "http://www.milw0rm.com/exploits/4120"
},
{
"trust": 0.4,
"url": "http://jvn.jp/jp/jvn16767117/index.html"
},
{
"trust": 0.4,
"url": "http://www.sony.jp/professional/news/info/pb20090223.html"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/kb/240797"
},
{
"trust": 0.3,
"url": "http://bssc.sel.sony.com/broadcastandbusiness/displaymodel?id=79540"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/33968/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/try_vi/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26850"
},
{
"db": "BID",
"id": "33876"
},
{
"db": "BID",
"id": "24684"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-000012"
},
{
"db": "PACKETSTORM",
"id": "75135"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-528"
},
{
"db": "NVD",
"id": "CVE-2007-3488"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-26850"
},
{
"db": "BID",
"id": "33876"
},
{
"db": "BID",
"id": "24684"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-000012"
},
{
"db": "PACKETSTORM",
"id": "75135"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-528"
},
{
"db": "NVD",
"id": "CVE-2007-3488"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-06-29T00:00:00",
"db": "VULHUB",
"id": "VHN-26850"
},
{
"date": "2009-02-24T00:00:00",
"db": "BID",
"id": "33876"
},
{
"date": "2007-06-27T00:00:00",
"db": "BID",
"id": "24684"
},
{
"date": "2009-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-000012"
},
{
"date": "2009-02-24T15:54:35",
"db": "PACKETSTORM",
"id": "75135"
},
{
"date": "2007-06-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-528"
},
{
"date": "2007-06-29T18:30:00",
"db": "NVD",
"id": "CVE-2007-3488"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-29T00:00:00",
"db": "VULHUB",
"id": "VHN-26850"
},
{
"date": "2009-02-24T20:27:00",
"db": "BID",
"id": "33876"
},
{
"date": "2015-05-07T17:37:00",
"db": "BID",
"id": "24684"
},
{
"date": "2009-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-000012"
},
{
"date": "2009-03-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-528"
},
{
"date": "2024-11-21T00:33:22.083000",
"db": "NVD",
"id": "CVE-2007-3488"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "33876"
},
{
"db": "BID",
"id": "24684"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sony Network Camera SNC-P5 SonySncP5View.OCX ActiveX Control Buffer Overflow Vulnerability",
"sources": [
{
"db": "BID",
"id": "24684"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-528"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "33876"
},
{
"db": "BID",
"id": "24684"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…