Intrusion Prevention

D-Link.DCS5605.PTZ.ActiveX.SelectDirectory.Buffer.Overflow

Description

This indicates an attack attempt against a Buffer Overflow vulnerability in D-Link DCS-5605.
The vulnerability, which is located in the PTZ ActiveX control, can be exploited through misuse of a vulnerable method "SelectDirectory". It allows a remote attacker to execute arbitrary code via sending a crafted web page.

Affected Products

D-Link DCS-5605 PTZ 0

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Disable this ActiveX Control by setting its kill bit {721700FE-7F0E-49C5-BDED-CA92B7CB1245}, by the method shown on the website: http://support.microsoft.com/kb/240797

CVE References

CVE-2012-5306