1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP OSX Evocam GET BO


Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects attempt to exploit a buffer overflow vulnerability in the Evocam HTTP server for OSX

Additional Information

EvoCam is an HTTP server application available for Mac OS X.

EvoCam is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. The vulnerability occurs when handling a specially crafted HTTP 'GET' request.

An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the server. Failed exploit attempts will result in a denial-of-service condition.

EvoCam 3.6.6 and 3.6.7 are vulnerable; other versions may also be affected.


  • Evological Evocam 3.6.7
  • Evological Evocam 3.6.6


Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube