Samsung SmartViewer BackupToAvi 3.0 - Remote Code Execution Exploit

Exploit for windows platform in category remote exploits var payloadlength = 15000; var arg1=1; var arg2=1; var arg3=1; //blank strings var junk = ""; var buf1 = ""; var buf2 = ""; //offset to SE is 156, initial analysis using metasploit cyclic pattern for i=0; i 0day.today 2018-02-27...

Samsung SmartViewer CNC_Ctrl ActiveX Control Buffer Overflow (CVE-2012-4333; CVE-2014-9265)

A stack buffer overflow vulnerability exists in Samsung SmartViewer. The vulnerability is due to improper validation of a parameter provided to the BackupToAvi method of the CNCCtrl ActiveX Control. A remote, unauthenticated attacker can exploit this vulnerability by enticing the target user to...

Samsung SmartViewer BackupToAvi 3.0 - Remote Code Execution

Samsung SmartViewer BackupToAvi 3.0 - Remote Code Execution var payloadlength = 15000; var arg1=1; var arg2=1; var arg3=1; //blank strings var junk = ""; var buf1 = ""; var buf2 = ""; //offset to SE is 156, initial analysis using metasploit cyclic pattern for i=0; i...

Samsung SmartViewer BackupToAvi 3.0 Remote Code Execution

var payloadlength = 15000; var arg1=1; var arg2=1; var arg3=1; //blank strings var junk = ""; var buf1 = ""; var buf2 = ""; //offset to SE is 156, initial analysis using metasploit cyclic pattern for i=0; i...

CVE-2014-9265

CVE-2014-9265: A stack-based buffer overflow in the BackupToAvi method of Samsung SmartViewer’s CNC_Ctrl ActiveX Control allows remote code execution. The root cause is improper validation of the input buffer size before copying into a fixed-size stack buffer. Exploitation typically requires user...