What is CVE-2012-0284?

CVE-2012-0284 is a vulnerability in Cisco Linksys_playerpt_activex_control, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-07-19.

Is CVE-2012-0284 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Cisco Linksys_playerpt_activex_control

CVE-2012-0284

Stack-based buffer overflow in the SetSource method in the Cisco Linksys PlayerPT ActiveX control 1.0.0.15 in PlayerPT.ocx on the Cisco WVC200 Wireless-G PTZ Internet video camera allows remote attackers to execute arbitrary code via a lon…

Vulnerability class: Buffer Overflow

EPSS: 0.732 (98.8th percentile) — read the EPSS interpretation.

Affected products

Cisco Linksys_playerpt_activex_control — versions 1.0.0.15
Cisco Wvc200_wireless-g_ptz_internet_video_camera
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

References

PSIRT-CNA@flexerasoftware.com (x_refsource_MISC, Vendor Advisory)
cisco-linksys-activex-bo(77085) (vdb-entry, x_refsource_XF)
20120717 Secunia Research: Cisco Linksys PlayerPT ActiveX Control "SetSource()" Buffer Overflow (mailing-list, x_refsource_BUGTRAQ, Broken Link)
54588 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
1027259 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2012-0284?: CVE-2012-0284 is a vulnerability in Cisco Linksys_playerpt_activex_control, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-07-19.
Is CVE-2012-0284 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.