3 matches found
CVE-2015-2096
WebGate eDVR Manager exposes the WESPMonitor.WESPMonitorCtrl.1 ActiveX control. CVE-2015-2096 is a use-after-free in the Connect() method that can allow remote code execution when an attacker provides an invalid IP address and reloads the page. The vulnerability is triggered by a freed pointer be...
CVE-2015-2098
CVE-2015-2098 affects WebGate eDVR Manager through multiple stack-based buffer overflows in WebGate ActiveX controls. The described vulnerable entrypoints are within WESPEvent.WESPEventCtrl.1 (Connect, ConnectEx, ConnectEx2), WESPPlayback.WESPPlaybackCtrl.1 (AudioOnlySiteChannel, SiteChannel, Sit...
CVE-2015-2095
WebGate eDVR Manager's WESPPTZ.WESPPTZCtrl.1 ActiveX control is affected by a heap-based buffer overflow in SetConnectInfo. A remote attacker can run arbitrary code by supplying crafted arguments. Concrete details from multiple sources: Affected component: WESPPTZCtrl.1 ActiveX control in WebGate...