GeoVision LiveX ActiveX Control 'SnapShotToFile()' Arbitrary File Overwrite Vulnerability

GeoVision LiveX ActiveX control is prone to a vulnerability that lets attackers overwrite files with arbitrary, attacker-controlled content.

An attacker can exploit this issue to corrupt and overwrite arbitrary files on a victim's computer in the context of the vulnerable application using the ActiveX control (typically Internet Explorer).

GeoVision LiveX ActiveX control 7000, 8120, and 8200 are vulnerable; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus