Lucene search

[email protected]CVE-2008-0399

HistoryJan 23, 2008 - 12:00 p.m.

CVE-2008-0399

2008-01-2312:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-0399

buffer overflow

toshiba

surveillance

surveillix

recordsend

activex

remote code execution

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

High

0.187 Low

EPSS

Percentile

96.3%

JSON

Multiple buffer overflows in Toshiba Surveillance (Surveillix) RecordSend ActiveX control (MeIpCamX.DLL 1.0.0.4) allow remote attackers to execute arbitrary code via long arguments to the (1) SetPort and (2) SetIpAddress methods.

Affected configurations

NVD

Node

toshibasurveillixMatch1.0.0.4

CPENameOperatorVersion
toshiba:surveillixtoshiba surveillixeq1.0.0.4

CPE	Name	Operator	Version
toshiba:surveillix	toshiba surveillix	eq	1.0.0.4

References

retrogod.altervista.org/rgod_toshiba_control.html

secunia.com/advisories/28557

www.securityfocus.com/bid/27360

www.vupen.com/english/advisories/2008/0214

exchange.xforce.ibmcloud.com/vulnerabilities/39792

www.exploit-db.com/exploits/4946

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

High

0.187 Low

EPSS

Percentile

96.3%

JSON

Related for CVE-2008-0399

nvd1 prion1 cvelist1