Samsung SmartViewer CNC_Ctrl ActiveX Control Buffer Overflow (CVE-2012-4333; CVE-2014-9265)

A stack buffer overflow vulnerability exists in Samsung SmartViewer. The vulnerability is due to improper validation of a parameter provided to the BackupToAvi method of the CNCCtrl ActiveX Control. A remote, unauthenticated attacker can exploit this vulnerability by enticing the target user to...

CVE-2012-4333

Multiple stack-based buffer overflows in the BackupToAvi method in the 1 UMSCtrl 1.5.1.1 and 2 UMSCtrlSTW 2.0.1.0 ActiveX controls in Samsung NET-i viewer 1.37.120316 allow remote attackers to execute arbitrary code via a long string in the fname parameter. NOTE: some of these details are obtaine...

CVE-2012-4333

Summary (CVE-2012-4333) : Multiple stack-based buffer overflows in the BackupToAvi method of Samsung NET-i viewer’s ActiveX controls (CNC_Ctrl) and related UMS_Ctrl components allow remote code execution via a long fname string. Affected products include Samsung NET-i viewer 1.37.120316 and the C...

CVE-2012-4333

creationtimestamp| type| source ---|---|--- 2012-04-22 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/18765 2012-06-08 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/19027 2018-05-29 15:50:33+00:00| seen|...