What is CVE-2012-4876?

CVE-2012-4876 is a vulnerability in Trendnet Securview_wireless_internet_camera, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-09-06.

Is CVE-2012-4876 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Trendnet Securview_wireless_internet_camera

CVE-2012-4876

Stack-based buffer overflow in the UltraMJCam ActiveX Control in TRENDnet SecurView TV-IP121WN Wireless Internet Camera allows remote attackers to execute arbitrary code via a long string to the OpenFileDlg method.

Vulnerability class: Buffer Overflow

EPSS: 0.812 (99.2th percentile) — read the EPSS interpretation.

Affected products

Trendnet Securview_wireless_internet_camera — versions tv-ip121wn
Trendnet Securview_wireless_internet_camera_activex_control — versions 1.1.52.18
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

References

48601 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
80661 (x_refsource_OSVDB, vdb-entry)
20120328 TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow (mailing-list, Exploit, x_refsource_BUGTRAQ)
18675 (Exploit, exploit, x_refsource_EXPLOIT-DB)
52760 (Exploit, vdb-entry, x_refsource_BID)
cve@mitre.org (Exploit, x_refsource_MISC)

Frequently asked questions

What is CVE-2012-4876?: CVE-2012-4876 is a vulnerability in Trendnet Securview_wireless_internet_camera, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-09-06.
Is CVE-2012-4876 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.