VAR-200901-0402
Vulnerability from variot - Updated: 2023-12-18 12:58Heap-based buffer overflow in the CamImage.CamImage.1 ActiveX control in AxisCamControl.ocx in AXIS Camera Control 2.40.0.0 allows remote attackers to execute arbitrary code via a long image_pan_tilt property value. Failed attacks will likely cause denial-of-service conditions. Axis Camera Control 2.40.0.0 is vulnerable; other versions may also be vulnerable.
The vulnerability is confirmed in version 2.40.0.0. Prior versions may also be affected.
ORIGINAL ADVISORY: Secunia Research: http://secunia.com/secunia_research/2008-58/
Axis Communications: http://www.axis.com/techsup/software/acc/files/acc_security_update_090119.pdf
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
====================================================================== 2) Severity
Rating: Highly critical Impact: System compromise Where: Remote
====================================================================== 3) Vendor's Description of Software
"AXIS Camera Control (ActiveX component) makes it possible to view Motion JPEG video streams from an Axis Network Video product directly in Microsoft Development Tools and Microsoft Internet Explorer."
Product Link: http://www.axis.com/techsup/software/acc/index.htm
====================================================================== 4) Description of Vulnerability
Secunia Research has discovered a vulnerability in AXIS Camera Control, which can be exploited by malicious people to compromise a user's system.
Successful exploitation allows execution of arbitrary code, but requires that the user is tricked into visiting and clicking a malicious web page.
====================================================================== 5) Solution
The vendor recommends removing the ActiveX control and using AXIS Media Control as a replacement.
====================================================================== 6) Time Table
09/01/2009 - Vendor notified. 09/01/2009 - Vendor response. 23/01/2009 - Public disclosure.
====================================================================== 7) Credits
Discovered by Alin Rad Pop, Secunia Research.
====================================================================== 8) References
The Common Vulnerabilities and Exposures (CVE) project has assigned CVE-2008-5260 for the vulnerability.
====================================================================== 9) About Secunia
Secunia offers vulnerability management solutions to corporate customers with verified and reliable vulnerability intelligence relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory database as a service to the security community and private individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to do active vulnerability research in order to aid improving the security and reliability of software in general:
http://secunia.com/secunia_research/
Secunia regularly hires new skilled team members. Check the URL below to see currently vacant positions:
http://secunia.com/corporate/jobs/
Secunia offers a FREE mailing list called Secunia Security Advisories:
http://secunia.com/advisories/mailing_lists/
====================================================================== 10) Verification
Please verify this advisory by visiting the Secunia website: http://secunia.com/secunia_research/2008-58/
Complete list of vulnerability reports published by Secunia Research: http://secunia.com/secunia_research/
======================================================================
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200901-0402",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "camera control",
"scope": "eq",
"trust": 2.4,
"vendor": "axis",
"version": "2.40.0.0"
},
{
"model": "communications camera control",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "2.40.0"
}
],
"sources": [
{
"db": "BID",
"id": "33408"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002732"
},
{
"db": "NVD",
"id": "CVE-2008-5260"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-326"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:axis:axis_camera_control:2.40.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-5260"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alin Rad Pop, Secunia Research",
"sources": [
{
"db": "BID",
"id": "33408"
}
],
"trust": 0.3
},
"cve": "CVE-2008-5260",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2008-5260",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-35385",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-5260",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200901-326",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-35385",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-35385"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002732"
},
{
"db": "NVD",
"id": "CVE-2008-5260"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-326"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in the CamImage.CamImage.1 ActiveX control in AxisCamControl.ocx in AXIS Camera Control 2.40.0.0 allows remote attackers to execute arbitrary code via a long image_pan_tilt property value. Failed attacks will likely cause denial-of-service conditions. \nAxis Camera Control 2.40.0.0 is vulnerable; other versions may also be vulnerable. \n\nThe vulnerability is confirmed in version 2.40.0.0. Prior versions\nmay also be affected. \n\nORIGINAL ADVISORY:\nSecunia Research:\nhttp://secunia.com/secunia_research/2008-58/\n\nAxis Communications:\nhttp://www.axis.com/techsup/software/acc/files/acc_security_update_090119.pdf\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\n====================================================================== \n2) Severity \n\nRating: Highly critical\nImpact: System compromise\nWhere: Remote\n\n====================================================================== \n3) Vendor\u0027s Description of Software \n\n\"AXIS Camera Control (ActiveX component) makes it possible to view \nMotion JPEG video streams from an Axis Network Video product directly \nin Microsoft Development Tools and Microsoft Internet Explorer.\"\n\nProduct Link:\nhttp://www.axis.com/techsup/software/acc/index.htm\n\n====================================================================== \n4) Description of Vulnerability\n\nSecunia Research has discovered a vulnerability in AXIS Camera \nControl, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\nSuccessful exploitation allows execution of arbitrary code, but \nrequires that the user is tricked into visiting and clicking a \nmalicious web page. \n\n====================================================================== \n5) Solution \n\nThe vendor recommends removing the ActiveX control and using \nAXIS Media Control as a replacement. \n\n====================================================================== \n6) Time Table \n\n09/01/2009 - Vendor notified. \n09/01/2009 - Vendor response. \n23/01/2009 - Public disclosure. \n\n====================================================================== \n7) Credits \n\nDiscovered by Alin Rad Pop, Secunia Research. \n\n====================================================================== \n8) References\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned\nCVE-2008-5260 for the vulnerability. \n\n====================================================================== \n9) About Secunia\n\nSecunia offers vulnerability management solutions to corporate\ncustomers with verified and reliable vulnerability intelligence\nrelevant to their specific system configuration:\n\nhttp://secunia.com/advisories/business_solutions/\n\nSecunia also provides a publicly accessible and comprehensive advisory\ndatabase as a service to the security community and private \nindividuals, who are interested in or concerned about IT-security. \n\nhttp://secunia.com/advisories/\n\nSecunia believes that it is important to support the community and to\ndo active vulnerability research in order to aid improving the \nsecurity and reliability of software in general:\n\nhttp://secunia.com/secunia_research/\n\nSecunia regularly hires new skilled team members. Check the URL below\nto see currently vacant positions:\n\nhttp://secunia.com/corporate/jobs/\n\nSecunia offers a FREE mailing list called Secunia Security Advisories:\n\nhttp://secunia.com/advisories/mailing_lists/\n\n====================================================================== \n10) Verification \n\nPlease verify this advisory by visiting the Secunia website:\nhttp://secunia.com/secunia_research/2008-58/\n\nComplete list of vulnerability reports published by Secunia Research:\nhttp://secunia.com/secunia_research/\n\n======================================================================\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-5260"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002732"
},
{
"db": "BID",
"id": "33408"
},
{
"db": "VULHUB",
"id": "VHN-35385"
},
{
"db": "PACKETSTORM",
"id": "74279"
},
{
"db": "PACKETSTORM",
"id": "74271"
}
],
"trust": 2.16
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-35385",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-35385"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-5260",
"trust": 2.9
},
{
"db": "BID",
"id": "33408",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "33444",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2009-0228",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "51532",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002732",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200901-326",
"trust": 0.7
},
{
"db": "XF",
"id": "48176",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20090123 SECUNIA RESEARCH: AXIS CAMERA CONTROL \"IMAGE_PAN_TILT\" PROPERTY BUFFER OVERFLOW",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "74271",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-35385",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "74279",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-35385"
},
{
"db": "BID",
"id": "33408"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002732"
},
{
"db": "PACKETSTORM",
"id": "74279"
},
{
"db": "PACKETSTORM",
"id": "74271"
},
{
"db": "NVD",
"id": "CVE-2008-5260"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-326"
}
]
},
"id": "VAR-200901-0402",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-35385"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:58:44.466000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.axis.com/techsup/software/acc/index.htm"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002732"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-35385"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002732"
},
{
"db": "NVD",
"id": "CVE-2008-5260"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://secunia.com/secunia_research/2008-58/"
},
{
"trust": 2.1,
"url": "http://www.axis.com/techsup/software/acc/files/acc_security_update_090119.pdf"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/33408"
},
{
"trust": 1.7,
"url": "http://osvdb.org/51532"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/33444"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/500334/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2009/0228"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48176"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-5260"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-5260"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/48176"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/500334/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2009/0228"
},
{
"trust": 0.3,
"url": "http://www.axis.com/products/camera_servers/index.htm"
},
{
"trust": 0.3,
"url": "/archive/1/500334"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/14131/"
},
{
"trust": 0.1,
"url": "http://www.axis.com/techsup/software/amc/index.htm"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/33444/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_research/"
},
{
"trust": 0.1,
"url": "http://secunia.com/corporate/jobs/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/mailing_lists/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5260"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/"
},
{
"trust": 0.1,
"url": "http://www.axis.com/techsup/software/acc/index.htm"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-35385"
},
{
"db": "BID",
"id": "33408"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002732"
},
{
"db": "PACKETSTORM",
"id": "74279"
},
{
"db": "PACKETSTORM",
"id": "74271"
},
{
"db": "NVD",
"id": "CVE-2008-5260"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-326"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-35385"
},
{
"db": "BID",
"id": "33408"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002732"
},
{
"db": "PACKETSTORM",
"id": "74279"
},
{
"db": "PACKETSTORM",
"id": "74271"
},
{
"db": "NVD",
"id": "CVE-2008-5260"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-326"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-01-26T00:00:00",
"db": "VULHUB",
"id": "VHN-35385"
},
{
"date": "2009-01-19T00:00:00",
"db": "BID",
"id": "33408"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002732"
},
{
"date": "2009-01-23T16:28:38",
"db": "PACKETSTORM",
"id": "74279"
},
{
"date": "2009-01-23T20:05:36",
"db": "PACKETSTORM",
"id": "74271"
},
{
"date": "2009-01-26T15:30:00.267000",
"db": "NVD",
"id": "CVE-2008-5260"
},
{
"date": "2009-01-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200901-326"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-35385"
},
{
"date": "2009-02-02T14:39:00",
"db": "BID",
"id": "33408"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002732"
},
{
"date": "2018-10-11T20:54:39.777000",
"db": "NVD",
"id": "CVE-2008-5260"
},
{
"date": "2009-01-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200901-326"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200901-326"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AXIS Camera Control of CamImage.CamImage.1 ActiveX Control heap-based buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002732"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200901-326"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…