Stack-Based Buffer Overflow in Motorola Scanner SDK Products
CVE-2015-1495

Currently unrated

Key Information:

Vendor: Motorola
Status: Motorola Scanner Sdk
Vendor: CVE Published:; 16 February 2015

Summary

The vulnerability arises from multiple stack-based buffer overflows in the Motorola Scanner SDK, which can be exploited by remote attackers. By sending crafted input strings to the Open method within IOPOSScanner.ocx or IOPOSScale.ocx, an adversary may execute arbitrary code on the host system. This flaw emphasizes the need for security measures to mitigate the risks associated with buffer overflow vulnerabilities, particularly in applications that process external inputs.

References

https://portal.motorolasolutions.com/Support/US-EN/Resolu...

x_refsource_MISC

http://www.zerodayinitiative.com/advisories/ZDI-15-034/

x_refsource_MISC

http://www.zerodayinitiative.com/advisories/ZDI-15-033/

x_refsource_MISC

Timeline

Vulnerability published
Feb 16, 2015
Vulnerability Reserved
Feb 5, 2015