Intrusion Prevention

MacOS.X.EvoCam.HTTP.Get.Buffer.Overflow

Description

This indicates a possible attack against buffer-overflow vulnerability in EvoCam HTTP server.
The vulnerability is due to the vulnerable software's inability to properly process overly long GET requests. An attacker may exploit this to execute arbitrary code or cause denial of service by sending an overly long GET request.

Affected Products

EvoCam 3.6.6 and 3.6.7 are vulnerable; other versions may also be affected.

Impact

System compromise
Denial of service

Recommended Actions

Currently we are not aware of any official patches or updates.

CVE References

CVE-2010-2309