Off-by-one error in the read_client function in webhttpd.c in Motion 3.2.10 and earlier might allow remote attackers to execute arbitrary code via a long request to a Motion HTTP Control interface, which triggers a stack-based buffer overflow with some combinations of processor architecture and compiler.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Motion | Lavrsen | 3.1.20 | 3.1.20 |
Motion | Lavrsen | 3.2.5 | 3.2.5 |
Motion | Lavrsen | 3.2.1 | 3.2.1 |
Motion | Lavrsen | 3.2.9 | 3.2.9 |
Motion | Lavrsen | 3.2.6 | 3.2.6 |
Motion | Lavrsen | 3.1.19 | 3.1.19 |
Motion | Lavrsen | 3.2.4 | 3.2.4 |
Motion | Lavrsen | 3.1.18 | 3.1.18 |
Motion | Lavrsen | * | 3.2.10 |
Motion | Lavrsen | 3.2.7 | 3.2.7 |
Motion | Lavrsen | 3.2.2 | 3.2.2 |
Motion | Lavrsen | 3.1.17 | 3.1.17 |
Motion | Lavrsen | 3.2.3 | 3.2.3 |
Motion | Lavrsen | 3.2.8 | 3.2.8 |