Lucene search

[email protected]CVE-2013-4980

HistoryMar 03, 2014 - 4:55 p.m.

CVE-2013-4980

2014-03-0316:55:00

CWE-119

[email protected]

web.nvd.nist.gov

avtech

avn801

dvr

buffer overflow

rtsp

denial of service

code execution

nvd

cve-2013-4980

9.6 High

AI Score

Confidence

High

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:P/I:P/A:C

0.056 Low

EPSS

Percentile

93.3%

JSON

Buffer overflow in the RTSP Packet Handler in AVTECH AVN801 DVR with firmware 1017-1003-1009-1003 and earlier, and possibly other devices, allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via a long string in the URI in an RTSP SETUP request.

CPENameOperatorVersion
avtech:avn801_dvr_firmwareavtech avn801 dvr firmwarele1017-1003-1009-1003
avtech:avn801_dvravtech avn801 dvreq-

CPE	Name	Operator	Version
avtech:avn801_dvr_firmware	avtech avn801 dvr firmware	le	1017-1003-1009-1003
avtech:avn801_dvr	avtech avn801 dvr	eq	-

References

osvdb.org/96692

seclists.org/fulldisclosure/2013/Aug/284

www.coresecurity.com/advisories/avtech-dvr-multiple-vulnerabilities

9.6 High

AI Score

Confidence

High

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:P/I:P/A:C

0.056 Low

EPSS

Percentile

93.3%

JSON

Related for CVE-2013-4980

cvelist1 prion1 zdt1 openvas2 checkpoint_advisories1 seebug1 packetstorm1 securityvulns2 exploitpack1 coresecurity1 exploitdb1