Schweregrad:: Hoch
  Hinweisdatum: 21 Juli 2015

  Beschreibung

The vulnerability is caused due to a boundary error in the CrazyTalk4 ActiveX control within the Dell Webcam CrazyTalk4Native.dll module when handling certain properties. This can be exploited to cause a stack-based buffer overflow via an overly long string assigned to the "BackImage", "ScriptName", "ModelName", and "SRC" properties.

  Trend Micro Lösungen

Apply associated Trend Micro DPI Rules.

  Lösungen

  Trend Micro Deep Security DPI Rule Number: 1004986
  Trend Micro Deep Security DPI Rule Name: 1004986 - Dell Webcam Central CrazyTalk4 ActiveX Control Buffer Overflow Vulnerability

  Betroffene Software und Version:

  • Internet Explorer