Lorex Technologies Edge Series Security DVR ActiveX Buffer Overflow
High Nessus Plugin ID 72264
SynopsisThe remote Windows host has one or more ActiveX controls installed that are affected by a buffer overflow vulnerability.
DescriptionThe remote Windows host has one or more versions of Lorex Technologies' INetViewX ActiveX control installed. The HTTP_PORT parameter in these controls is affected by a buffer overflow vulnerability that could allow an attacker to remotely execute arbitrary code if exploited.
SolutionThere are currently no fixes available but as a workaround, set the kill bit on the affected ActiveX controls.