Dell.Webcam.ActiveX.CrazyTalk4Native.dll.Buffer.Overflow
Description
This indicates an attempt to exploit a Buffer Overflow vulnerability in Dell Webcam Software ActiveX control.
This vulnerability is caused by an error in the "CrazyTalk4Native.dll" ActiveX control when processing overly long arguments that are being passed to "BackImage" ,"ScriptName", "ModelName" and "SRC" properties. A remote attack may be able to exploit this to execute arbitrary code within the context of the application via a crafted web page.
Affected Products
Dell SX2210 Webcam Monitor RC1.1 R230103
Impact
System Compromise: Remote attackers can gain control of vulnerable systems
Recommended Actions
Currently we are not aware of any vendor supplied patch for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |