36 matches found
Samsung iPOLiS 1.12.2 - iPOLiS XnsSdkDeviceIpInstaller ActiveX WriteConfigValue (PoC)
Samsung iPOLiS XnsSdkDeviceIpInstaller ActiveX WriteConfigValue Remote Code Execution PoC var arg1 = ""; var arg2="praveend"; for i=0; i !-- Stack Trace Exception Code: ACCESSVIOLATION Disasm: 149434 MOV AL,ESI+EDX Seh Chain: -------------------------------------------------- 1 647C7D7D mfc100.dl...
Samsung iPolis Buffer Overflow
CVE-2015-0555 Introduction There is a Buffer Overflow Vulnerability which leads to Remote Code Execution. Vulnerability is due to input validation to the API ReadConfigValue and WriteConfigValue API's in XnsSdkDeviceIpInstaller.ocx This is different from CVE-2014-3911 as the version of iPolis...
Samsung iPOLiS Device Manager FindConfigChildeKeyList Buffer Overflow (CVE-2014-3912)
A stack-based buffer overflow vulnerability has been reported in Samsung iPOLiS Device Manager. The vulnerability is due to insufficient input validation in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller ActiveX control. A remote attacker can exploit these vulnerabilities by enticing a user to...
CVE-2014-3911
Samsung iPOLiS Device Manager before 1.8.7 allow remote attackers to execute arbitrary code via unspecified values to the 1 Start, 2 ChangeControlLocalName, 3 DeleteDeviceProfile, 4 FrameAdvanceReader, or other unknown method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control...
Design/Logic Flaw
Samsung iPOLiS Device Manager before 1.8.7 allow remote attackers to execute arbitrary code via unspecified values to the 1 Start, 2 ChangeControlLocalName, 3 DeleteDeviceProfile, 4 FrameAdvanceReader, or other unknown method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control...
CVE-2014-3911
Samsung iPOLiS Device Manager before 1.8.7 allow remote attackers to execute arbitrary code via unspecified values to the 1 Start, 2 ChangeControlLocalName, 3 DeleteDeviceProfile, 4 FrameAdvanceReader, or other unknown method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control...
CVE-2014-3911
CVE-2014-3911 affects Samsung iPOLiS Device Manager prior to 1.8.7. The issue is a remote code execution vulnerability in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control; providing malicious values to methods such as Start, ChangeControlLocalName, DeleteDeviceProfile, FrameAdvan...
CVE-2014-3912
Stack-based buffer overflow in the FindConfigChildeKeyList method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control in Samsung iPOLiS Device Manager before 1.8.7 allows remote attackers to execute arbitrary code via a long value...
Stack overflow
Stack-based buffer overflow in the FindConfigChildeKeyList method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control in Samsung iPOLiS Device Manager before 1.8.7 allows remote attackers to execute arbitrary code via a long value...
CVE-2014-3912
CVE-2014-3912 is a stack-based buffer overflow in the Samsung iPOLiS Device Manager’s ActiveX control XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1. The FindConfigChildeKeyList() method can be overflowed by a sufficiently long value, enabling remote code execution. Affected product: Samsung iPOLi...
Samsung iPOLiS Device Manager XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 FindConfigChildeKeyList Method Stack Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung iPOLiS Device Manager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
Samsung iPOLiS Device Manager XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 Multiple Methods Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung iPOLiS Device Manager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
Samsung iPOLiS Device Manager XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 FrameAdvanceReader Method Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung iPOLiS Device Manager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
Samsung iPOLiS Device Manager XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ChangeControlLocalName Method Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung iPOLiS Device Manager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
Samsung iPOLiS Device Manager XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 DeleteDeviceProfile Method Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung iPOLiS Device Manager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
Samsung iPOLiS Device Manager XNSSDKWINDOW.XnsSdkWindowCtrlForIpInstaller.1 Start Method Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung iPOLiS Device Manager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...