Cisco Linksys PlayerPT ActiveX Control ‘SetSource()’ Buffer Overflow Vulnerability


Cisco Linksys PlayerPT ActiveX Control is prone to a buffer-overflow vulnerability because the application fails to adequately check boundaries on user-supplied input.


The original article can be found at:
The information has been provided by Carsten Eiram .


Vulnerable Systems:
 *Cisco Wireless-G PTZ Internet Video Camera WVC200 0

An attacker can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.
Cisco Linksys PlayerPT is vulnerable; other versions may also be affected.

Vendor Status:
Vendor as issued an updated vulnerability.

CVE Information:

Disclosure Timeline:
Initial Release:Jul 10 2012

Categories: News