BaoFeng Storm ActiveX Control Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is installed with BaoFeng Storm ActiveX and is prone to Buffer Overflow vulnerability.

Impact

Attacker may exploit this issue to execute arbitrary script code and may cause denial of service. Impact Level: Application

Solution

Upgarde to the latest BaoFeng Storm version 3.9.05.10 http://bbs.baofeng.com/read.php?tid=121630

Insight

A boundary error in the MPS.StormPlayer.1 ActiveX control (mps.dll) while processing overly large argument passed to the 'OnBeforeVideoDownload()' method leads to buffer overflow.

Affected

BaoFeng Storm mps.dll version 3.9.4.27 and prior on Windows.

References

http://secunia.com/advisories/34944

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-1612

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Attachmate Reflection FTP Client LIST Command Remote Heap Buffer Overflow Vulnerability
Audacity Buffer Overflow Vulnerability (Win)
Adobe Reader Multimeda Doc.media.newPlayer Code Execution Vulnerability (Linux)
Alpine tmail and dmail Buffer Overflow Vulnerabilities (Win)
Adobe Reader 'File Extension' Buffer Overflow Vulnerability (Mac OS X)

Take action and discover your vulnerabilities