CVE-2015-2097

Multiple buffer overflows in WebGate Embedded Standard Protocol (WESP) SDK allow remote attackers to execute arbitrary code via unspecified vectors to the (1) LoadImage or (2) LoadImageEx function in the WESPMonitor.WESPMonitorCtrl.1 control, (3) ChangePassword function in the WESPCONFIGLib.UserItem control, Connect function in the (4) WESPSerialPort.WESPSerialPortCtrl.1 or (5) WESPPLAYBACKLib.WESPPlaybackCtrl control, or (6) AddID function in the WESPCONFIGLib.IDList control or a (7) long string to the second argument to the ConnectEx3 function in the WESPPLAYBACKLib.WESPPlaybackCtrl control.
Configurations

Configuration 1 (hide)

cpe:2.3:a:webgate:webgate_embedded_standard_protocol_sdk:-:*:*:*:*:*:*:*

History

21 Nov 2024, 02:26

Type Values Removed Values Added
References () http://packetstormsecurity.com/files/131072/WebGate-eDVR-Manager-Stack-Buffer-Overflow.html - Exploit () http://packetstormsecurity.com/files/131072/WebGate-eDVR-Manager-Stack-Buffer-Overflow.html - Exploit
References () http://seclists.org/fulldisclosure/2015/Feb/90 - Exploit () http://seclists.org/fulldisclosure/2015/Feb/90 - Exploit
References () http://www.osvdb.org/118893 - () http://www.osvdb.org/118893 -
References () http://www.osvdb.org/118896 - () http://www.osvdb.org/118896 -
References () http://www.osvdb.org/118902 - () http://www.osvdb.org/118902 -
References () http://www.securityfocus.com/bid/72835 - () http://www.securityfocus.com/bid/72835 -
References () http://www.zerodayinitiative.com/advisories/ZDI-15-059/ - () http://www.zerodayinitiative.com/advisories/ZDI-15-059/ -
References () http://www.zerodayinitiative.com/advisories/ZDI-15-062/ - () http://www.zerodayinitiative.com/advisories/ZDI-15-062/ -
References () http://www.zerodayinitiative.com/advisories/ZDI-15-068/ - () http://www.zerodayinitiative.com/advisories/ZDI-15-068/ -
References () https://www.exploit-db.com/exploits/36505/ - () https://www.exploit-db.com/exploits/36505/ -
References () https://www.exploit-db.com/exploits/36602/ - Exploit () https://www.exploit-db.com/exploits/36602/ - Exploit
References () https://www.exploit-db.com/exploits/36607/ - () https://www.exploit-db.com/exploits/36607/ -

Information

Published : 2015-03-09 14:59

Updated : 2024-11-21 02:26


NVD link : CVE-2015-2097

Mitre link : CVE-2015-2097

CVE.ORG link : CVE-2015-2097


JSON object : View

Products Affected

webgate

  • webgate_embedded_standard_protocol_sdk
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer