CVE-2015-2094

Webgateinc Winrds - Memory Corruption

Title source: rule

Description

Stack-based buffer overflow in the WESPPlayback.WESPPlaybackCtrl.1 control in WebGate WinRDS allows remote attackers to execute arbitrary code via unspecified vectors to the (1) PrintSiteImage, (2) PlaySiteAllChannel, (3) StopSiteAllChannel, or (4) SaveSiteImage function.

Exploits (2)

exploitdb WORKING POC

by Praveen Darshanam · htmlremotewindows

https://www.exploit-db.com/exploits/36604

View Code ZIP pw:eip

exploitdb WORKING POC

by Praveen Darshanam · htmlremotewindows

https://www.exploit-db.com/exploits/36517

View Code ZIP pw:eip

References (11)

[Exploit] http://packetstormsecurity.com/files/131069/WebGate-WinRDS-2.0.8-StopSiteAllChannel-Stack-Overflow.html

[Third Party Advisory, VDB Entry] http://www.osvdb.org/118905

[Third Party Advisory, VDB Entry] http://www.osvdb.org/118906

[Third Party Advisory, VDB Entry] http://www.osvdb.org/118907

[Third Party Advisory, VDB Entry] http://www.osvdb.org/118908

[Third Party Advisory] http://www.zerodayinitiative.com/advisories/ZDI-15-071/

[Third Party Advisory] http://www.zerodayinitiative.com/advisories/ZDI-15-072/

[Third Party Advisory] http://www.zerodayinitiative.com/advisories/ZDI-15-073/

[Third Party Advisory] http://www.zerodayinitiative.com/advisories/ZDI-15-074/

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/72841

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/36517/

Scores

EPSS 0.5745

EPSS Percentile 98.2%

Details

CWE

CWE-119

Status published

Products (1)

webgateinc/winrds

Published Mar 09, 2015

Tracked Since Feb 18, 2026