Advantech WebAccess nvA1Media Caption Heap-based Buffer Overflow Remote Code Execution Exploit

The specific flaw exists within nvA1Media.ocx. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute arbitrary code under the context of the process.
Exploit type: 
Platform: 
Vulnerabilty ID: 
NOCVE-9999-94575
Product Version: 
39
Released Date: 
Sunday, August 27, 2017 - 19:00