Published:2009/02/23  Last Updated:2009/03/09

JVN#16767117
Buffer overflow vulnerability in ActiveX Control for Sony SNC series network cameras

Overview

The ActiveX Control for Sony SNC series network cameras contains a heap-based buffer overflow vulnerability.

Products Affected

Terminals where an ActiveX Control module is installed from the following systems:
  • SNC-RZ25N prior to 1.30
  • SNC-P1 prior to 1.29
  • SNC-P5 prior to 1.29
  • SNC-CS10 prior to 1.06
  • SNC-CS11 prior to 1.06
  • SNC-DF40N prior to 1.18
  • SNC-DF70N prior to 1.18
  • SNC-RZ50N prior to 2.22
  • SNC-CS50N prior to 2.22
  • SNC-DF85N prior to 1.12
  • SNC-DF80N prior to 1.12
  • SNC-DF50N prior to 1.12
  • SNC-RX570N/W 3.00 or prior to 2.31
  • SNC-RX570N/B 3.00 or prior to 2.31
  • SNC-RX550N/W 3.00 or prior to 2.31
  • SNC-RX550N/B 3.00 or prior to 2.31
  • SNC-RX530N/W 3.00 or prior to 2.31
  • SNC-RX530N/B 3.00 or prior to 2.31
  • SNC-RZ25P prior to 1.30
  • SNC-DF70P prior to 1.18
  • SNC-DF40P prior to 1.18
  • SNC-RZ50P prior to 2.22
  • SNC-CS50P prior to 2.22
  • SNC-DF85P prior to 1.12
  • SNC-DF80P prior to 1.12
  • SNC-DF50P prior to 1.12
  • SNC-RX570P 3.00 or prior to 2.31
  • SNC-RX550P 3.00 or prior to 2.31
  • SNC-RX530P 3.00 or prior to 2.31

Description

The ActiveX Control for Sony SNC series network cameras is a software to monitor images over the network using a web browser. This ActiveX Control contains a heap-based buffer overflow vulnerability triggered by the improper processing of some configuration variables.

Impact

A remote attacker could execute arbitrary code.

Solution

Update the Software
Update to the latest version according to the information provided by the vendor.

Vendor Status

Vendor Status Last Update Vendor Notes
Sony Corporation Vulnerable 2009/03/09

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Analyzed on 2009.02.23

Measures Conditions Severity
Access Required Routed - can be attacked over the Internet using packets
  • High
Authentication None - anonymous or no authentication (IP addresses do not count)
  • High
User Interaction Required Simple - the user must be convinced to take a standard action that does not feel harmful to most users, such as click on a link or view a file
  • Medium
Exploit Complexity Low-Medium - some expertise and/or luck required (most buffer overflows, guessing correctly in small space, expertise in Windows function calls)
  • Medium-High

Description of each analysis measures

Credit

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2007-3488
JVN iPedia JVNDB-2009-000012

Update History