Samsung SmartViewer BackupToAvi 3.0 - Remote Code Execution Exploit

Exploit for windows platform in category remote exploits var payloadlength = 15000; var arg1=1; var arg2=1; var arg3=1; //blank strings var junk = ""; var buf1 = ""; var buf2 = ""; //offset to SE is 156, initial analysis using metasploit cyclic pattern for i=0; i 0day.today 2018-02-27...

Samsung SmartViewer BackupToAvi 3.0 Remote Code Execution

var payloadlength = 15000; var arg1=1; var arg2=1; var arg3=1; //blank strings var junk = ""; var buf1 = ""; var buf2 = ""; //offset to SE is 156, initial analysis using metasploit cyclic pattern for i=0; i...

Samsung SmartViewer BackupToAvi 3.0 - Remote Code Execution

var payloadlength = 15000; var arg1=1; var arg2=1; var arg3=1; //blank strings var junk = ""; var buf1 = ""; var buf2 = ""; //offset to SE is 156, initial analysis using metasploit cyclic pattern for i=0; i...

Samsung SmartViewer BackupToAvi 3.0 - Remote Code Execution

Samsung SmartViewer BackupToAvi 3.0 - Remote Code Execution var payloadlength = 15000; var arg1=1; var arg2=1; var arg3=1; //blank strings var junk = ""; var buf1 = ""; var buf2 = ""; //offset to SE is 156, initial analysis using metasploit cyclic pattern for i=0; i...

Samsung SmartViewer CNC_Ctrl ActiveX Control Buffer Overflow (CVE-2012-4333; CVE-2014-9265)

A stack buffer overflow vulnerability exists in Samsung SmartViewer. The vulnerability is due to improper validation of a parameter provided to the BackupToAvi method of the CNCCtrl ActiveX Control. A remote, unauthenticated attacker can exploit this vulnerability by enticing the target user to...

CVE-2014-9265

CVE-2014-9265: A stack-based buffer overflow in the BackupToAvi method of Samsung SmartViewer’s CNC_Ctrl ActiveX Control allows remote code execution. The root cause is improper validation of the input buffer size before copying into a fixed-size stack buffer. Exploitation typically requires user...

Samsung SmartViewer CNC_Ctrl ActiveX Control BackupToAvi Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung SmartViewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling...

samsung net-i ware <= 1.37 - Multiple Vulnerabilities

No description provided by source. Luigi Auriemma Application: Samsung NET-i ware http://www.samsungsecurity.com/product/productview.asp?idx=6447 http://www.samsungsecurity.com/product/productview.asp?idx=5828 Versions: = 1.37 Platforms: Windows Bugs: A Endless loop in remote services B Code...

Stack overflow

Multiple stack-based buffer overflows in the BackupToAvi method in the 1 UMSCtrl 1.5.1.1 and 2 UMSCtrlSTW 2.0.1.0 ActiveX controls in Samsung NET-i viewer 1.37.120316 allow remote attackers to execute arbitrary code via a long string in the fname parameter. NOTE: some of these details are obtaine...

Samsung NET-i ware 1.37 - Multiple Vulnerabilities

Samsung NET-i ware 1.37 - Multiple Vulnerabilities Luigi Auriemma Application: Samsung NET-i ware http://www.samsungsecurity.com/product/productview.asp?idx=6447 http://www.samsungsecurity.com/product/productview.asp?idx=5828 Versions: = 1.37 Platforms: Windows Bugs: A Endless loop in remote...