Published: 19/12/2008 Updated: 11/10/2018

CVSS v2 Base Score: 9.4 | Impact Score: 9.2 | Exploitability Score: 10

VMScore: 950

Vector: AV:N/AC:L/Au:N/C:C/I:N/A:C

Multiple array index errors in the HTTP server in Darkwet Network webcamXP 3.72.440.0 and previous versions and beta 4.05.280 and previous versions allow remote malicious users to cause a denial of service (device crash) and read portions of memory via (1) an invalid camnum parameter to the pocketpc component and (2) an invalid id parameter to the show_gallery_pic component.

Vulnerable Product	Search on Vulmon	Subscribe to Product
darkwet webcam xp 3.72
darkwet webcam xp 2.20
darkwet webcam xp 1.6.945
darkwet webcam xp 1.02.432
darkwet webcam xp 1.02.535
darkwet webcam xp

source: wwwsecurityfocuscom/bid/27875/info webcamXP is prone to multiple information-disclosure and denial-of-service vulnerabilities because it fails to check user-supplied input data Attackers can exploit these issues to access potentially sensitive information or crash the application Successful exploits could aid in further attacks ...

source: wwwsecurityfocuscom/bid/27875/info webcamXP is prone to multiple information-disclosure and denial-of-service vulnerabilities because it fails to check user-supplied input data Attackers can exploit these issues to access potentially sensitive information or crash the application Successful exploits could aid in further attac ...

CWE-20 http://secunia.com/advisories/29007 http://www.securityfocus.com/bid/27875 http://securityreason.com/securityalert/4788 http://aluigi.altervista.org/adv/webcamxp-adv.txt http://www.osvdb.org/42928 http://www.osvdb.org/42927 http://osvdb.org/42929 http://www.securityfocus.com/archive/1/488364/100/200/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/31233/

CVE-2008-5674

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect