Vulnerability Description
Buffer overflow in Huawei VP9660, VP9650, and VP9630 multipoint control unit devices with software before V500R002C00SPC200 and RSE6500 videoconference devices with software before V500R002C00SPC100, when an unspecified service is enabled, allows remote attackers to execute arbitrary code via a crafted packet, aka HWPSIRT-2016-05054.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Rse6500 | - |
| Huawei | Rse6500 Firmware | v100r001c00 |
| Huawei | Vp9600 Series Firmware | v200r001c01 |
| Huawei | Vp9630 | - |
| Huawei | Vp9650 | - |
| Huawei | Vp9660 | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160601-01-videocoVendor Advisory
- http://www.securityfocus.com/bid/90978
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160601-01-videocoVendor Advisory
- http://www.securityfocus.com/bid/90978
FAQ
What is CVE-2016-5234?
CVE-2016-5234 is a vulnerability with a CVSS score of 8.1 (HIGH). Buffer overflow in Huawei VP9660, VP9650, and VP9630 multipoint control unit devices with software before V500R002C00SPC200 and RSE6500 videoconference devices with software before V500R002C00SPC100, ...
How severe is CVE-2016-5234?
CVE-2016-5234 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-5234?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Rse6500, Huawei Rse6500 Firmware, Huawei Vp9600 Series Firmware, Huawei Vp9630, Huawei Vp9650.