CVE-2015-2095

WebGate eDVR Manager - Remote Code Execution via WESPPTZ ActiveX SetConnectInfo

Title source: llm
STIX 2.1

Description

Heap-based buffer overflow in the SetConnectInfo function in the WESPPTZ.WESPPTZCtrl.1 ActiveX control in WebGate eDVR Manager allows remote attackers to execute arbitrary code via crafted arguments.

References (2)

Core 2
Core References
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-070/
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/73222

Scores

EPSS 0.0274
EPSS Percentile 84.4%

Details

CWE
CWE-119
Status published
Products (1)
webgateinc/edvr_manager 2.6.4
Published Mar 09, 2015
Tracked Since Feb 18, 2026