Dell.Webcam.ActiveX.CrazyTalk4Native.dll.Buffer.Overflow

description-logoDescription

This indicates an attempt to exploit a Buffer Overflow vulnerability in Dell Webcam Software ActiveX control.
This vulnerability is caused by an error in the "CrazyTalk4Native.dll" ActiveX control when processing overly long arguments that are being passed to "BackImage" ,"ScriptName", "ModelName" and "SRC" properties. A remote attack may be able to exploit this to execute arbitrary code within the context of the application via a crafted web page.

affected-products-logoAffected Products

Dell SX2210 Webcam Monitor RC1.1 R230103

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems

recomended-action-logoRecommended Actions

Currently we are not aware of any vendor supplied patch for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)