CVE-2014-8756 Information

Description

The NcrCtl4.NcrNet.1 control in Panasonic Network Camera Recorder before 4.04R03 allows remote attackers to execute arbitrary code via a crafted GetVOLHeader method call which writes null bytes to an arbitrary address.

Reference

http://panasonic.net/pcc/cgi-bin/products/netwkcam/download_us/tbookmarka_m.cgi?m=20&mm=2010073014092324 http://www.zerodayinitiative.com/advisories/ZDI-14-363/