WebcamXP 3.72.440/4.05.280 Beta - '/show_gallery_pic?id' Arbitrary Memory Disclosure

Author: Luigi Auriemma
type: webapps
platform: multiple
port: 
date_added: 2008-02-18  
date_updated: 2014-01-28  
verified: 1  
codes: CVE-2008-5674;OSVDB-42928  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 31234.txt  

source: https://www.securityfocus.com/bid/27875/info

webcamXP is prone to multiple information-disclosure and denial-of-service vulnerabilities because it fails to check user-supplied input data.

Attackers can exploit these issues to access potentially sensitive information or crash the application. Successful exploits could aid in further attacks or deny service to legitimate users.

These issues affect webcamXP 3.72.440 and 4.05.280 beta and prior versions.

http://www.example.com:8080/show_gallery_pic?id=999999