CVE-2015-1000

Severity
6.8 MEDIUM
EPSS
3.6%
top 12.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Jun 5
Latest update: May 17

Description

Stack-based buffer overflow in the OpenForIPCamTest method in the RTSPVIDEO.rtspvideoCtrl.1 (aka SStreamVideo) ActiveX control in Moxa SoftCMS before 1.3 allows remote attackers to execute arbitrary code via the StrRtspPath parameter.

CVSS vector

AV:N/AC:M/C:P/I:P/A:P
Exploitability: 8.6 | Impact: 6.4

Affected Packages: 1 package

NVD: moxa/softcms 1.2

🔴Vulnerability Details

2
GHSA
GHSA-9x6v-mq83-vx5v: Stack-based buffer overflow in the OpenForIPCamTest method in the RTSPVIDEO (2022-05-17)
CVEList
CVE-2015-1000: Stack-based buffer overflow in the OpenForIPCamTest method in the RTSPVIDEO (2015-06-05)

💥Exploits & PoCs

6
Exploit-DB
RHEL 7.0/7.1 - 'abrt/sosreport' Local Privilege Escalation (2015-12-01)
Exploit-DB
abrt (Centos 7.1 / Fedora 22) - Local Privilege Escalation (2015-12-01)
Exploit-DB
OpenLDAP 2.4.42 - ber_get_next Denial of Service (2015-09-11)
Exploit-DB
Adobe Flash - textfield.gridFitType Use-After-Free (2015-08-19)
Exploit-DB
Adobe Flash - NetConnection.connect Use-After-Free (2015-08-19)

📋Vendor Advisories

7
Cisco
Cisco IOS XE Software Network Address Translation Denial of Service Vulnerability (2015-09-23)
Cisco
Cisco ASR 1000 Series Aggregation Services Routers Data-Plane Processing Denial of Service Vulnerability (2015-08-31)
Cisco
Cisco ASR 1000 Series Aggregation Services Routers Fragmented Packet Denial of Service Vulnerability (2015-07-30)
Cisco
Cisco IOS XE for Cisco 1000 Series ASR Routers Denial of Service Vulnerability (2015-07-07)
Cisco
Cisco ASR1000 Series Routers ESP Module Denial of Service Vulnerability (2015-04-03)

💬Community

3
Bugzilla
Fix for CVE-2015-5262 not backported to 4.2.x (2019-03-25)
Bugzilla
CVE-2015-5300 ntp: MITM attacker can force ntpd to make a step larger than the panic threshold (2015-10-13)
Bugzilla
CVE-2015-1868 pdns: Label decompression bug in PowerDNS can cause crashes on specific platforms (2015-04-20)