Lucene search

[email protected]CVE-2014-3912

HistoryJun 05, 2014 - 5:55 p.m.

CVE-2014-3912

2014-06-0517:55:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2014-3912

buffer overflow

samsung

ipolis

device manager

nvd

security vulnerability

8.2 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.305 Low

EPSS

Percentile

97.0%

JSON

Stack-based buffer overflow in the FindConfigChildeKeyList method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control in Samsung iPOLiS Device Manager before 1.8.7 allows remote attackers to execute arbitrary code via a long value.

CPENameOperatorVersion
samsung:ipolis_device_managersamsung ipolis device managerle1.8.2

CPE	Name	Operator	Version
samsung:ipolis_device_manager	samsung ipolis device manager	le	1.8.2

References

www.securityfocus.com/bid/67823

www.zerodayinitiative.com/advisories/ZDI-14-169

8.2 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.305 Low

EPSS

Percentile

97.0%

JSON

Related for CVE-2014-3912

zdi1 prion1 cvelist1 checkpoint_advisories1