Dell Webcam Central CrazyTalk4 ActiveX Control Buffer Overflow Vulnerability
2015年7月21日
危険度: 高
情報公開日: 7 21, 2015
概要
The vulnerability is caused due to a boundary error in the CrazyTalk4 ActiveX control within the Dell Webcam CrazyTalk4Native.dll module when handling certain properties. This can be exploited to cause a stack-based buffer overflow via an overly long string assigned to the "BackImage", "ScriptName", "ModelName", and "SRC" properties.
トレンドマイクロの対策
Apply associated Trend Micro DPI Rules.
対応方法
Trend Micro Deep Security DPI Rule Number: 1004986
Trend Micro Deep Security DPI Rule Name: 1004986 - Dell Webcam Central CrazyTalk4 ActiveX Control Buffer Overflow Vulnerability
影響を受けるソフトウェア
- Internet Explorer