MidnightBSD

Advisories for lorex_technology

CVE-2014-1201 HIGH

Buffer overflow in the INetViewX ActiveX control in the Lorex Edge LH310 and Edge+ LH320 series with firmware 7-35-28-1B26E, Edge2 LH330 series with firmware 11.17.38-33_1D97A, and Edge3 LH340 series with firmware 11.19.85_1FE3A allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the HTTP_PORT parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
lorextechnology edge+ lh320
lorextechnology edge3 lh340
lorex_technology edge+_lh320_firmware 7-35-28-1b26e
lorex_technology edge_lh310_firmware 7-35-28-1b26e
lorextechnology edge2 lh330
lorex_technology edge3_lh340_firmware 11.19.85_1fe3a
lorex_technology edge2_lh330_firmware 11.17.38-33_1d97a
lorextechnology edge lh310