<em style='font-weight:bold;'>(Description Provided by <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2011-2591" target="_blank">CVE</a>)</em> : Multiple buffer overflows in the Provideo ActiveX controls allow remote attackers to execute arbitrary code via crafted input fields, as demonstrated by (1) a long strIp argument to the voice method in 2way.dll in the alarm 1.0.3.1 ActiveX control, (2) a network response to AXPlayer.ocx in the GMAXPlayer 2.0.8.2 ActiveX control, the (3) UserName or (4) Password parameter to AXPlayer.ocx in the GMAXPlayer 2.0.8.2 ActiveX control, (5) a long Id parameter to the GetString method in PAxPlayer.ocx in the PAxPlayer 3.0.0.9 ActiveX control, or (6) a long strAdr parameter to the ConnectIPCam method in PAxPlayer.ocx in the PAxPlayer 3.0.0.9 ActiveX control.

Currently, there are no known upgrades or patches to correct this vulnerability. It is possible to correct the flaw by implementing the following workaround: set the kill-bit on the PAxPlayer ActiveX Control. See Microsoft KB article 240797 for additional details.

• CVE ID: 2011-2591 (see also: NVD)
• Secunia Advisory ID: 45042
• Bugtraq ID: 48977
• Related OSVDB ID: 74310 74311 74312 74313
• Other Advisory URL: http://secunia.com/secunia_research/2011-58/
• Vendor URL: http://www.provideo.com.tw/

• Secunia Research - Secunia Research