CVE-2015-1495
medium
CVSS v3
—
CVSS v2
6.8
VIR risk
6.8
Description
Multiple stack-based buffer overflows in Motorola Scanner SDK allow remote attackers to execute arbitrary code via a crafted string to the Open method in (1) IOPOSScanner.ocx or (2) IOPOSScale.ocx.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cve@mitre.org — https://portal.motorolasolutions.com/Support/US-EN/Resolution?solutionId=87666
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| motorola | motorola_scanner_sdk | - | |
References
- http://www.zerodayinitiative.com/advisories/ZDI-15-033/
- http://www.zerodayinitiative.com/advisories/ZDI-15-034/
- https://portal.motorolasolutions.com/Support/US-EN/Resolution?solutionId=87666
- http://www.zerodayinitiative.com/advisories/ZDI-15-033/
- http://www.zerodayinitiative.com/advisories/ZDI-15-034/
- https://portal.motorolasolutions.com/Support/US-EN/Resolution?solutionId=87666
CWEs
CWE-119
Verify integrity in audit chain (admin only). AS-IS.