CVE-2008-0399

Published: Jan 23, 2008Modified: Apr 23, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Multiple buffer overflows in Toshiba Surveillance (Surveillix) RecordSend ActiveX control (MeIpCamX.DLL 1.0.0.4) allow remote attackers to execute arbitrary code via long arguments to the (1) SetPort and (2) SetIpAddress methods.

Affected (1)

Products: Toshiba: Surveillix

Toshiba

1 product

Surveillix

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Toshiba Surveillix	Version 1.0.0.4

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (12)

http://retrogod.altervista.org/rgod_toshiba_control.html

Source: cve@mitre.org

Exploit

http://secunia.com/advisories/28557

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/27360

Source: cve@mitre.org

Exploit

http://www.vupen.com/english/advisories/2008/0214

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/39792

Source: cve@mitre.org

https://www.exploit-db.com/exploits/4946

Source: cve@mitre.org

http://retrogod.altervista.org/rgod_toshiba_control.html