HTTP: Unsafe Cisco Wireless-G PTZ Internet Video Camera WVC200 ActiveX Control
This signature detects attempts to use an unsafe ActiveX control. The Cisco Wireless-G PTZ Internet Video Camera WVC200 ActiveX control 'PlayerPT.ocx' is vulnerable. A successful attack could result in arbitrary code execution.
Extended Description
Cisco Wireless-G PTZ Internet Video Camera WVC200 is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using an affected ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions. Cisco Wireless-G PTZ Internet Video Camera WVC200 1.0.0.15 is vulnerable; other versions may also be affected.
Affected Products
Cisco wireless-g_ptz_internet_video_camera_wvc200
Short Name
HTTP:STC:ACTIVEX:CISCO-WVC200
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ActiveX CVE-2012-0284 Camera Cisco Control Internet PTZ Unsafe Video WVC200 Wireless-G bid:52673 bid:54588
Release Date
03/28/2012
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Cisco
CVSS Score
9.3