2 matches found
CVE-2018-3906
An exploitable stack-based buffer overflow vulnerability exists in the retrieval of a database field in video-core's HTTP server of Samsung SmartThings Hub. The video-core process insecurely extracts the shard.videoHostURL field from its SQLite database, leading to a buffer overflow on the stack...
CVE-2018-3906
Samsung SmartThings Hub video-core HTTP server vulnerability (CVE-2018-3906) is a stack-based buffer overflow in the retrieval of shard.videoHostURL from SQLite. The vulnerable function uses strncpy with a 0x100-byte limit when copying an overridden URL, but then copies the database result with s...