CVE-2007-3488

Sony Network Camera Snc-p5 - Buffer Overflow

Title source: rule

Description

Heap-based buffer overflow in the viewer ActiveX control in Sony Network Camera SNC-RZ25N before 1.30; SNC-P1 and SNC-P5 before 1.29; SNC-CS10 and SNC-CS11 before 1.06; SNC-DF40N and SNC-DF70N before 1.18; SNC-RZ50N and SNC-CS50N before 2.22; SNC-DF85N, SNC-DF80N, and SNC-DF50N before 1.12; and SNC-RX570N/W, SNC-RX570N/B, SNC-RX550N/W, SNC-RX550N/B, SNC-RX530N/W, and SNC-RX530N/B 3.00 and 2.x before 2.31; allows remote attackers to execute arbitrary code via a long first argument to the PrmSetNetworkParam method.

Exploits (1)

exploitdb WORKING POC VERIFIED

by str0ke · htmldoswindows

https://www.exploit-db.com/exploits/4120

View Code ZIP pw:eip

References (8)

[Third Party Advisory] http://jvn.jp/en/jp/JVN16767117/041520/index.html

[Third Party Advisory] http://jvn.jp/en/jp/JVN16767117/index.html

[Third Party Advisory] http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000012.html

[Third Party Advisory, VDB Entry] http://osvdb.org/39479

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/35133

[Various Sources] http://pro.sony.com/bbsc/ssr/cat-securitycameras/resource.downloads.bbsccms-assets-cat-camsec-downloads-AffectedNetworkCameras.shtml

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/24684

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/4120

Scores

EPSS 0.2474

EPSS Percentile 96.0%

Classification

Status draft

Affected Products (1)

sony/sony_network_camera_snc-p5

Timeline

Published Jun 29, 2007

Tracked Since Feb 18, 2026