Published: 24/12/2014 Updated: 20/05/2019

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 215

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

The eSpace Meeting ActiveX control (eSpaceStatusCtrl.dll) in Huawei eSpace Desktop before V200R001C03 allows local users to cause a denial of service (memory overflow) via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
huawei espace desktop

Huawei eSpace Meeting ContactsCtrldll and eSpaceStatusCtrldll ActiveX Heap Overflow Vendor: Huawei Technologies Co, Ltd Product web page: wwwhuaweicom Affected version: eSpace 1111103 (aka eSpace ECS, eSpace Desktop, eSpace Meeting, eSpace UC) eSpace UC V200R002C02 Summary: Create more convenient Enhanced Commu ...

Huawei eSpace version 1111103 Meeting suffers from a heap-based memory overflow vulnerability when parsing large amount of bytes to the 'strNum' string parameter in GetNameyNum() in 'ContactsCtrldll' and 'strName' string parameter in SetUserInfo() in eSpaceStatusCtrldll library, resulting in heap memory corruption An attacker can gain access ...

💊 A collection of Value Objects to save time by generalizing types and format validations.

Python Value-Objects A collection of Value Objects to save time by generalizing types and format validations Value-objects Numeric value-objects Int Nullable Int Positive Int Nullable Positive Int Positive or zero Int Nullable Positive or zero Int Negative Int Nullable Negative Int Negative or zero Int Nullable Negative or zero Int String value-objects String Nul

CWE-119 http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-406589.htm http://packetstormsecurity.com/files/152968/Huawei-eSpace-1.1.11.103-Meeting-Heap-Overflow.html https://nvd.nist.gov https://github.com/jparadadev/python-value-objects https://www.exploit-db.com/exploits/46868

CVE-2014-9418

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect