Buffer overflow

2012-06-0719:55:00

PRIOn knowledge base

www.prio-n.com

8.4 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.222 Low

EPSS

Percentile

96.4%

JSON

Multiple buffer overflows in the Wireless Manager ActiveX control 4.0.0.0 in WifiMan.dll in Sony VAIO PC Wireless LAN Wizard 1.0; VAIO Wireless Wizard 1.00, 1.00_64, 1.0.1, 2.0, and 3.0; SmartWi Connection Utility 4.7, 4.7.4, 4.8, 4.9, 4.10, and 4.11; and VAIO Easy Connect software 1.0.0 and 1.1.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the second argument of the (1) SetTmpProfileOption or (2) ConnectToNetwork method.

CPENameOperatorVersion
smartwi_connection_utillityeq4.11
smartwi_connection_utillityeq4.10
smartwi_connection_utillityeq4.9
smartwi_connection_utillityeq4.7
smartwi_connection_utillityeq4.8
smartwi_connection_utillityeq4.7.4
vaio_easy_connecteq1.0.0
vaio_easy_connecteq1.1.0
vaio_pc_wireless_lan_wizardeq1.0
vaio_wireless_wizardeq1.00

Name	Operator	Version
smartwi_connection_utillity	eq	4.11
smartwi_connection_utillity	eq	4.10
smartwi_connection_utillity	eq	4.9
smartwi_connection_utillity	eq	4.7
smartwi_connection_utillity	eq	4.8
smartwi_connection_utillity	eq	4.7.4
vaio_easy_connect	eq	1.0.0
vaio_easy_connect	eq	1.1.0
vaio_pc_wireless_lan_wizard	eq	1.0
vaio_wireless_wizard	eq	1.00