BaoFeng Storm ActiveX Control Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is installed with BaoFeng Storm ActiveX and is prone to Buffer Overflow vulnerability.

Impact

Attacker may exploit this issue to execute arbitrary script code and may cause denial of service. Impact Level: Application

Solution

Upgarde to the latest BaoFeng Storm version 3.9.05.10 http://bbs.baofeng.com/read.php?tid=121630

Insight

A boundary error in the MPS.StormPlayer.1 ActiveX control (mps.dll) while processing overly large argument passed to the 'OnBeforeVideoDownload()' method leads to buffer overflow.

Affected

BaoFeng Storm mps.dll version 3.9.4.27 and prior on Windows.

References

http://secunia.com/advisories/34944

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-1612

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Reader Multiple BOF Vulnerabilities - Jun09 (Linux)
Advantech Studio Multiple Buffer Overflow Vulnerabilities
Adobe Reader Multimeda Doc.media.newPlayer Code Execution Vulnerability (Linux)
Dell Webcam 'crazytalk4.ocx' ActiveX Multiple BOF Vulnerabilities
CA eTrust PestPatrol Anti-Spyware 'ppctl.dll' ActiveX Control BOF Vulnerability

Take action and discover your vulnerabilities