CVE

Id
76564  
CVE No.
CVE-2014-9263  
Status
Candidate  
Description
Multiple buffer overflows in the PocketNetNVRMediaClientAxCtrl.NVRMediaViewer.1 control in 3S Pocketnet Tech VMS allow remote attackers to execute arbitrary code via a crafted string to the (1) StartRecord, (2) StartRecordEx, (3) StartScheduledRecord, (4) SetDisplayText, (5) GetONVIFDeviceInformation, (6) GetONVIFProfiles, or (7) GetONVIFStreamUri method or a crafted filename to the (8) SaveCurrentImage or (9) SaveCurrentImageEx method.  
Phase
Assigned (20141204)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
704174 76564 CVE-2014-9263 MISC:http://www.zerodayinitiative.com/advisories/ZDI-14-393/  View
704175 76564 CVE-2014-9263 MISC:http://www.zerodayinitiative.com/advisories/ZDI-14-394/  View
704176 76564 CVE-2014-9263 MISC:http://www.zerodayinitiative.com/advisories/ZDI-14-395/  View
704177 76564 CVE-2014-9263 MISC:http://www.zerodayinitiative.com/advisories/ZDI-14-396/  View
704178 76564 CVE-2014-9263 MISC:http://www.zerodayinitiative.com/advisories/ZDI-14-397/  View
704179 76564 CVE-2014-9263 BID:71488  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
18698 JVNDB-2014-007573 MantisBT の file_download.php におけるクロスサイトスクリプティングの脆弱性 MantisBT の file_download.php には、インラインの添付に関する処理に不備があるため、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2014-9271 76564 4.3 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-007573.html  View