Vulnerability CVE-2017-5216

Vulnerability CVE-2017-5216

Published: 2017-01-09

Description:

Stack-based buffer overflow vulnerability in Netop Remote Control versions 11.53, 12.21 and prior. The affected module in the Guest client is the "Import to Phonebook" option. When a specially designed malicious file containing special characters is loaded, the overflow occurs. 12.51 is the fixed version. The Support case ref is 00109744.

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.3/10	2.9/10	8.6/10

Exploit range	Attack complexity	Authentication
Remote	Medium	No required
Confidentiality impact	Integrity impact	Availability impact
None	None	Partial

Affected software
Netop -> Remote control

References:

http://www.netop.com/fileadmin/netop/resources/products/administration/remote_control/release_notes/NetopRemoteControl_12.51_ModificationNotes_final.pdf

http://www.securityfocus.com/bid/95316

Vulnerability CVE-2017-5216

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:N/A:P)

4.3/10

2.9/10

8.6/10

Remote

Medium

No required

None

None

Partial

Affected software

References: