Samsung SmartViewer CNC_Ctrl ActiveX Control Buffer Overflow (CVE-2012-4333; CVE-2014-9265)

A stack buffer overflow vulnerability exists in Samsung SmartViewer. The vulnerability is due to improper validation of a parameter provided to the BackupToAvi method of the CNCCtrl ActiveX Control. A remote, unauthenticated attacker can exploit this vulnerability by enticing the target user to...

Stack overflow

Multiple stack-based buffer overflows in the BackupToAvi method in the 1 UMSCtrl 1.5.1.1 and 2 UMSCtrlSTW 2.0.1.0 ActiveX controls in Samsung NET-i viewer 1.37.120316 allow remote attackers to execute arbitrary code via a long string in the fname parameter. NOTE: some of these details are obtaine...