8.8
CWE
787 119
Advisory Published
Updated

CVE-2019-5999: Buffer Overflow

First published: Tue Aug 06 2019(Updated: )

Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware version 1.2.0 and earlier, EOS 5DS firmware version 1.1.2 and earlier, EOS 5DS R firmware version 1.1.2 and earlier, EOS 6D firmware version 1.1.8 and earlier, EOS 6D MARK II firmware version 1.0.4 and earlier, EOS 7D MARK II firmware version 1.1.2 and earlier, EOS 70 D firmware version 1.1.2 and earlier, EOS 80 D firmware version 1.0.2 and earlier, EOS KISS X7I / EOS D REBEL T5I / EOS 700D firmware version 1.1.5 and earlier, EOS KISS X8I / EOS D REBEL T6I / EOS 750D firmware version 1.0.0 and earlier, EOS KISS X9I / EOS D REBEL T7I / EOS 800D firmware version 1.0.1 and earlier, EOS KISS X7 / EOS D REBEL SL1 / EOS 100D firmware version 1.0.1 and earlier, EOS KISS X9 / EOS D REBEL SL2 / EOS 200D firmware version 1.0.1 and earlier, EOS KISS X10 / EOS D REBEL SL3 / EOS 200D / EOS 250D firmware version 1.0.1 and earlier, EOS 8000D / EOS D REBEL T6S / EOS 760D firmware version 1.0.0 and earlier, EOS 9000D / EOS 77D firmware version 1.0.2 and earlier, EOS KISS X70 / EOS D REBEL T5 / EOS 1200D firmware version 1.0.2 and earlier, EOS D REBEL T5 RE / EOS 1200D MG / EOS HI firmware version 1.0.2 and earlier, EOS KISS X80 / EOS D REBEL T6 / EOS 1300D firmware version 1.1.0 and earlier, EOS KISS X90 / EOS D REBEL T7 / EOS 1500D / EOS 2000D firmware version 1.0.0 and earlier, EOS D REBEL T100 / EOS 3000D / EOS 4000D firmware version 1.0.0 and earlier, EOS R firmware version 1.3.0 and earlier, EOS RP firmware version 1.2.0 and earlier, EOS RP GOLD firmware version 1.2.0 and earlier, EOS M2 firmware version 1.0.3 and earlier, EOS M3 firmware version 1.2.0 and earlier, EOS M5 firmware version 1.0.1 and earlier, EOS M6 firmware version 1.0.1 and earlier, EOS M6(China) firmware version 5.0.0 and earlier, EOS M10 firmware version 1.1.0 and earlier, EOS M100 firmware version 1.0.0 and earlier, EOS KISS M / EOS M50 firmware version 1.0.2 and earlier) and PowerShot SX740 HS firmware version 1.0.1 and earlier, PowerShot SX70 HS firmware version 1.1.0 and earlier, and PowerShot G5Xmark II firmware version 1.0.1 and earlier allows an attacker on the same network segment to trigger the affected product being unresponsive or to execute arbitrary code on the affected product via blerequest command.

Credit: vultures@jpcert.or.jp

Affected SoftwareAffected VersionHow to fix
Canon Eos-1d X Firmware<=2.1.0
Canon Eos-1d X
Canon Eos-1d X Mkii Firmware<=1.1.6
Canon Eos-1d X Mkii
Canon Eos-1d C Firmware<=1.4.1
Canon Eos-1d C
Canon Eos 5d Mark Iii Firmware<=1.3.5
Canon Eos 5d Mark Iii
Canon Eos 5d Mark Iv Firmware<=1.2.0
Canon Eos 5d Mark Iv
Canon Eos 5ds Firmware<=1.1.2
Canon Eos 5ds
Canon Eos 5ds R Firmware<=1.1.2
Canon Eos 5ds R
Canon Eos 6d Firmware<=1.1.8
Canon Eos 6d
Canon Eos 7d Mark Ii Firmware<=1.1.2
Canon Eos 7d Mark Ii
Canon Eos 70d Firmware<=1.1.2
Canon Eos 70d
Canon Eos 80d Firmware<=1.0.2
Canon Eos 80d
Canon Eos Kiss X7i Firmware<=1.1.5
Canon Eos Kiss X7i
Canon Eos D Rebel T5i Firmware<=1.1.5
Canon Eos D Rebel T5i
Canon Eos 700d Firmware<=1.1.5
Canon Eos 700d
Canon Eos Kiss X8i Firmware<=1.0.0
Canon Eos Kiss X8i
Canon Eos D Rebel T6i Firmware<=1.0.0
Canon Eos D Rebel T6i
Canon Eos 750d Firmware<=1.0.0
Canon Eos 750d
Canon Eos Kiss X9i Firmware<=1.0.1
Canon Eos Kiss X9i
Canon Eos D Rebel T7i Firmware<=1.0.1
Canon Eos D Rebel T7i
Canon Eos 800d Firmware<=1.0.1
Canon Eos 800d
Canon Eos Kiss X7 Firmware<=1.0.1
Canon Eos Kiss X7
Canon Eos D Rebel Sl1 Firmware<=1.0.1
Canon Eos D Rebel Sl1
Canon Eos 100d Firmware<=1.0.1
Canon Eos 100d
Canon Eos Kiss X9 Firmware<=1.0.1
Canon Eos Kiss X9
Canon Eos D Rebel Sl2 Firmware<=1.0.1
Canon Eos D Rebel Sl2
Canon Eos 200d Firmware<=1.0.1
Canon Eos 200d
Canon Eos Kiss X10 Firmware<=1.0.1
Canon Eos Kiss X10
Canon Eos D Rebel Sl3 Firmware<=1.0.1
Canon Eos D Rebel Sl3
Canon Eos 250d Firmware<=1.0.1
Canon Eos 250d
Canon Eos 8000d Firmware<=1.0.0
Canon Eos 8000d
Canon Eos D Rebel T6s Firmware<=1.0.0
Canon Eos D Rebel T6s
Canon Eos 760d Firmware<=1.0.0
Canon Eos 760d
Canon Eos 9000d Firmware<=1.0.2
Canon Eos 9000d
Canon Eos 77d Firmware<=1.0.2
Canon Eos 77d
Canon Eos Kiss X70 Firmware<=1.0.2
Canon Eos Kiss X70
Canon Eos D Rebel T5 Firmware<=1.0.2
Canon Eos D Rebel T5
Canon Eos 1200d Firmware<=1.0.2
Canon Eos 1200d
Canon Eos D Rebel T5 Re Firmware<=1.0.2
Canon Eos D Rebel T5 Re
Canon Eos 1200d Mg Firmware<=1.0.2
Canon Eos 1200d Mg
Canon Eos Hi Firmware<=1.0.2
Canon Eos Hi
Canon Eos Kiss X80 Firmware<=1.1.0
Canon Eos Kiss X80
Canon Eos D Rebel T6 Firmware<=1.1.0
Canon Eos D Rebel T6
Canon Eos 1300d Firmware<=1.1.0
Canon Eos 1300d
Canon Eos Kiss X90 Firmware<=1.0.0
Canon Eos Kiss X90
Canon Eos D Rebel T7 Firmware<=1.0.0
Canon Eos D Rebel T7
Canon Eos 1500d Firmware<=1.0.0
Canon Eos 1500d
Canon Eos 2000d Firmware<=1.0.0
Canon Eos 2000d
Canon Eos D Rebel T100 Firmware<=1.0.0
Canon Eos D Rebel T100
Canon Eos 3000d Firmware<=1.0.0
Canon Eos 3000d
Canon Eos 4000d Firmware<=1.0.0
Canon Eos 4000d
Canon Eos R Firmware<=1.3.0
Canon Eos R
Canon Eos Rp Firmware<=1.2.0
Canon Eos Rp
Canon Eos Rp Gold Firmware<=1.2.0
Canon Eos Rp Gold
Canon Eos M2 Firmware<=1.0.3
Canon Eos M2
Canon Eos M3 Firmware<=1.2.0
Canon Eos M3
Canon Eos M5 Firmware<=1.0.1
Canon Eos M5
Canon Eos M6 Firmware<=1.0.1
Canon Eos M6
Canon Eos M6\(china\) Firmware<=5.0.0
Canon Eos M6\(china\)
Canon Eos M10 Firmware<=1.1.0
Canon Eos M10
Canon Eos M100 Firmware<=1.0.0
Canon Eos M100
Canon Eos Kiss M Firmware<=1.0.2
Canon Eos Kiss M
Canon Eos M50 Firmware<=1.0.2
Canon Eos M50
Canon Powershot Sx740 Hs Firmware<=1.0.1
Canon Powershot Sx740 Hs
Canon Powershot Sx70 Hs Firmware<=1.1.0
Canon Powershot Sx70 Hs
Canon Powershot G5xmark Ii Firmware<=1.0.1
Canon Powershot G5xmark Ii
Canon Eos 6d Mark Ii Firmware<=1.0.4
Canon Eos 6d Mark Ii

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203