Intrusion Prevention

WebGate.WESPSDK.WESPDiscovery.Stack.Buffer.Overflow

Description

This indicates an attack attempt to exploit a remote Code Execution vulnerability in multiple WebGate products.
The vulnerability is caused by an stack based overflow in an ActiveX control when the affected application handles a maliciously crafted web page. An attacker can exploit this by tricking an unsuspecting user into visiting a malicious webpage and execute arbitrary code within the context of the current user.

Affected Products

WebGate Control Center
WebGate eDVR Manager
WebGate WebEyeAudio
WebGate WinRDS

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are unaware of any vendor supplied patch for this issue

CVE References

CVE-2015-2100