Sign-up

ID

VAR-200905-0313


CVE

CVE-2009-1740


TITLE

csviewer.ocx Heap-based buffer overflow vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2009-003432

DESCRIPTION

Multiple heap-based buffer overflows in the D-Link MPEG4 Viewer ActiveX Control (csviewer.ocx) 2.11.918.2006 allow remote attackers to execute arbitrary code via a long argument to the (1) SetFilePath and (2) SetClientCookie methods. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Failed exploit attempts likely result in denial-of-service conditions. MPEG4 Viewer 2.11.918.2006 is vulnerable; other versions may also be affected. D-Link MPEG4 Viewer is an ActiveX control installed on the D-Link webcam client. The D-Link MPEG4 Viewer ActiveX control did not properly validate input passed to the SetFilePath() and SetClientCookie() methods. If a user is tricked into visiting a malicious webpage and sends a super-long input parameter to the above method, a heap overflow can be triggered, resulting in the execution of arbitrary instructions. ---------------------------------------------------------------------- Are you missing: SECUNIA ADVISORY ID: Critical: Impact: Where: within the advisory below? This is now part of the Secunia commercial solutions. The vulnerabilities are confirmed in version 2.11.918.2006. SOLUTION: Set the kill-bit for the affected ActiveX control. PROVIDED AND/OR DISCOVERED BY: 0x29A ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2009-1740 // JVNDB: JVNDB-2009-003432 // BID: 34990 // VULHUB: VHN-39186 // PACKETSTORM: 77541

AFFECTED PRODUCTS

vendor:dlinkmodel:mpeg4 viewer activex controlscope:eqversion:2.11.918.2006

Trust: 1.6

vendor:d linkmodel:mpeg4 viewer activex controlscope:eqversion:2.11.918.2006

Trust: 1.1

vendor:d linkmodel:mpeg4 viewer activex controlscope:eqversion:0

Trust: 0.3

sources: BID: 34990 // JVNDB: JVNDB-2009-003432 // CNNVD: CNNVD-200905-255 // NVD: CVE-2009-1740

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2009-1740
value: HIGH

Trust: 1.0

NVD: CVE-2009-1740
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200905-255
value: CRITICAL

Trust: 0.6

VULHUB: VHN-39186
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2009-1740
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-39186
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-39186 // JVNDB: JVNDB-2009-003432 // CNNVD: CNNVD-200905-255 // NVD: CVE-2009-1740

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-39186 // JVNDB: JVNDB-2009-003432 // NVD: CVE-2009-1740

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200905-255

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200905-255

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2009-003432

PATCH
title:Top Pageurl:http://www.dlink.com/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2009-003432

EXTERNAL IDS
db:NVDid:CVE-2009-1740
Trust: 2.5
db:BIDid:34990
Trust: 2.0
db:SECUNIAid:35066
Trust: 1.8
db:OSVDBid:54458
Trust: 1.7
db:JVNDBid:JVNDB-2009-003432
Trust: 0.8
db:XFid:4
Trust: 0.6
db:XFid:50556
Trust: 0.6
db:CNNVDid:CNNVD-200905-255
Trust: 0.6
db:VULHUBid:VHN-39186
Trust: 0.1
db:PACKETSTORMid:77541
Trust: 0.1
sources:
            
            
            VULHUB: VHN-39186 // 
            
            
            
            BID: 34990 // 
            
            
            
            JVNDB: JVNDB-2009-003432 // 
            
            
            
            PACKETSTORM: 77541 // 
            
            
            
            CNNVD: CNNVD-200905-255 // 
            
            
            
            NVD: CVE-2009-1740

REFERENCES
url:http://www.securityfocus.com/bid/34990
Trust: 1.7
url:http://osvdb.org/54458
Trust: 1.7
url:http://secunia.com/advisories/35066
Trust: 1.7
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/50556
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1740
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-1740
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/50556
Trust: 0.6
url:http://www.dlink.com/
Trust: 0.3
url:http://support.microsoft.com/kb/240797
Trust: 0.3
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/advisories/business_solutions/
Trust: 0.1
url:http://secunia.com/advisories/try_vi/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/advisories/35066/
Trust: 0.1
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-39186 // 
            
            
            
            BID: 34990 // 
            
            
            
            JVNDB: JVNDB-2009-003432 // 
            
            
            
            PACKETSTORM: 77541 // 
            
            
            
            CNNVD: CNNVD-200905-255 // 
            
            
            
            NVD: CVE-2009-1740

CREDITS
0x29A
Trust: 0.9
sources:
            
            
            BID: 34990 // 
            
            
            
            CNNVD: CNNVD-200905-255

SOURCES
db:VULHUBid:VHN-39186
db:BIDid:34990
db:JVNDBid:JVNDB-2009-003432
db:PACKETSTORMid:77541
db:CNNVDid:CNNVD-200905-255
db:NVDid:CVE-2009-1740

LAST UPDATE DATE
2025-04-10T22:40:35.389000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-39186date:2017-08-17T00:00:00
db:BIDid:34990date:2009-05-15T18:56:00
db:JVNDBid:JVNDB-2009-003432date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200905-255date:2009-05-21T00:00:00
db:NVDid:CVE-2009-1740date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:VULHUBid:VHN-39186date:2009-05-20T00:00:00
db:BIDid:34990date:2009-05-15T00:00:00
db:JVNDBid:JVNDB-2009-003432date:2012-06-26T00:00:00
db:PACKETSTORMid:77541date:2009-05-16T10:30:34
db:CNNVDid:CNNVD-200905-255date:2009-05-20T00:00:00
db:NVDid:CVE-2009-1740date:2009-05-20T19:30:00.377