Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2014-9418

CWE-119Buffer Overflow4 documents4 sources
Severity
2.1LOW
EPSS
0.2%
top 59.02%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Huawei Espace Desktop
Timeline
PublishedDec 24
Latest updateMay 14

Description

The eSpace Meeting ActiveX control (eSpaceStatusCtrl.dll) in Huawei eSpace Desktop before V200R001C03 allows local users to cause a denial of service (memory overflow) via unspecified vectors.

CVSS vector

AV:L/AC:L/C:N/I:N/A:PExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

NVDhuawei/espace_desktopv200r001c03

🔴Vulnerability Details

2
GHSA
GHSA-wr5g-vmcg-72qc: The eSpace Meeting ActiveX control (eSpaceStatusCtrl2022-05-14
CVEList
CVE-2014-9418: The eSpace Meeting ActiveX control (eSpaceStatusCtrl2014-12-24

💥Exploits & PoCs

1
Exploit-DB
Huawei eSpace 1.1.11.103 - 'ContactsCtrl.dll' / 'eSpaceStatusCtrl.dll' ActiveX Heap Overflow2019-05-20