← back
CVE-2017-12969

CVE-2017-12969

EPSS 10.1%
Buffer overflow in the ViewerCtrlLib.ViewerCtrl ActiveX control in Avaya IP Office Contact Center before 10.1.1 allows remote attackers to cause a denial of service (heap corruption and crash) or execute arbitrary code via a long string to the open method.
Affected products
n/a · n/a
public PoCs found3
cve_referencepacketstormsecurity.com/files/144882/Avaya-IP-Office-IPO-10.1-Active-X-Buffer-Overflow.htmlunverifiedcve_referencewww.exploit-db.com/exploits/43120/unverifiedexploitdbwww.exploit-db.com/exploits/43120unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://downloads.avaya.com/css/P8/documents/101044091http://hyp3rlinx.altervista.org/advisories/AVAYA-OFFICE-IP-%28IPO%29-v9.1.0-10.1-VIEWERCTRL-ACTIVE-X-BUFFER-OVERFLOW-0DAY.txthttp://packetstormsecurity.com/files/144882/Avaya-IP-Office-IPO-10.1-Active-X-Buffer-Overflow.htmlhttp://seclists.org/fulldisclosure/2017/Nov/17https://www.exploit-db.com/exploits/43120/http://www.securityfocus.com/bid/101667