CVE-2011-2591

 

Severity Score: 9.3 (CVSS v2)

Public Exploits: 0 (Multiple Sources)

Exploited in Wild: - (KEV)

Decision: - (SSVC)

Descriptions

Multiple buffer overflows in the Provideo ActiveX controls allow remote attackers to execute arbitrary code via crafted input fields, as demonstrated by (1) a long strIp argument to the voice method in 2way.dll in the alarm 1.0.3.1 ActiveX control, (2) a network response to AXPlayer.ocx in the GMAXPlayer 2.0.8.2 ActiveX control, the (3) UserName or (4) Password parameter to AXPlayer.ocx in the GMAXPlayer 2.0.8.2 ActiveX control, (5) a long Id parameter to the GetString method in PAxPlayer.ocx in the PAxPlayer 3.0.0.9 ActiveX control, or (6) a long strAdr parameter to the ConnectIPCam method in PAxPlayer.ocx in the PAxPlayer 3.0.0.9 ActiveX control.

*Credits: N/A
CVSS Scores
  • Attack Vector: Network
  • Attack Complexity: Medium
  • Authentication: None
  • Confidentiality: Complete
  • Integrity: Complete
  • Availability: Complete
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2011-06-29 CVE Reserved
  • 2011-08-05 CVE Published
  • 2024-08-06 CVE Updated
  • 2024-08-21 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
Provideo | Alarm Activex Control | 3.0.0.9 | - | Affected
Provideo | Gmax Activex Control | 2.0.8.2 | - | Affected
Provideo | Paxplayer Activex Control | 3.0.0.9 | - | Affected