Sign-up

ID

VAR-201506-0571


TITLE

Same as TD-9436T camera RTSP protocol buffer overflow vulnerability

Trust: 0.6

sources: CNVD: CNVD-2015-02775

DESCRIPTION

The same TD-9436T camera is a product produced by Shenzhen Tongwei Digital Technology Co., Ltd. In the normal user mode, if the method of sending an RTSP packet is setup, and the length of the string between two consecutive semicolons in the Transport field exceeds 135, the machine will experience a buffer overflow and crash. An attacker could use this vulnerability to crash the application.

Trust: 0.6

sources: CNVD: CNVD-2015-02775

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2015-02775

AFFECTED PRODUCTS

vendor: - model:tvt digital technology co ltd td-9436tscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2015-02775

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2015-02775
value: HIGH

Trust: 0.6

CNVD: CNVD-2015-02775
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2015-02775

PATCH

title:Same as TD-9436T camera RTSP protocol buffer overflow vulnerabilityurl:https://www.cnvd.org.cn/patchinfo/show/57721

Trust: 0.6

sources: CNVD: CNVD-2015-02775

EXTERNAL IDS

db:CNVDid:CNVD-2015-02775

Trust: 0.6

sources: CNVD: CNVD-2015-02775

SOURCES

db:CNVDid:CNVD-2015-02775

LAST UPDATE DATE

2022-05-04T10:01:22.623000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2015-02775date:2015-05-06T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2015-02775date:2015-06-08T00:00:00