CVE-2015-1000

Currently unrated

Key Information:

Vendor: Moxa
Status: Softcms
Vendor: CVE Published:; 5 June 2015

Summary

Stack-based buffer overflow in the OpenForIPCamTest method in the RTSPVIDEO.rtspvideoCtrl.1 (aka SStreamVideo) ActiveX control in Moxa SoftCMS before 1.3 allows remote attackers to execute arbitrary code via the StrRtspPath parameter.

References

http://zerodayinitiative.com/advisories/ZDI-15-120/

x_refsource_MISC

https://ics-cert.us-cert.gov/advisories/ICSA-15-153-02

x_refsource_MISC

http://www.securityfocus.com/bid/74966

vdb-entryx_refsource_BID

EPSS Score

9% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 5, 2015
Vulnerability Reserved
Jan 10, 2015