Lucene search

[email protected]CVE-2014-8755

HistoryOct 17, 2014 - 3:55 p.m.

CVE-2014-8755

2014-10-1715:55:08

CWE-20

[email protected]

web.nvd.nist.gov

panasonic

network camera

remote code execution

crafted page

invalid pointer dereference

memory vulnerability

cve-2014-8755

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.102 Low

EPSS

Percentile

95.0%

JSON

Panasonic Network Camera View 3 and 4 allows remote attackers to execute arbitrary code via a crafted page, which triggers an invalid pointer dereference, related to “the ability to nullify an arbitrary address in memory.”

Affected configurations

NVD

Node

panasonicnetwork_camera_viewMatch3.0

panasonicnetwork_camera_viewMatch4.0

CPENameOperatorVersion
panasonic:network_camera_viewpanasonic network camera vieweq3.0
panasonic:network_camera_viewpanasonic network camera vieweq4.0

CPE	Name	Operator	Version
panasonic:network_camera_view	panasonic network camera view	eq	3.0
panasonic:network_camera_view	panasonic network camera view	eq	4.0

References

security.panasonic.com/pss/security/library/howto_update_NCV.html

www.zerodayinitiative.com/advisories/ZDI-14-364/

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.102 Low

EPSS

Percentile

95.0%

JSON

Related for CVE-2014-8755

zdi1 nvd1 cvelist1 prion1