CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

seebug.org•added 2014/07/01 12:0 a.m.•20 views

Samsung NET-i viewer Multiple ActiveX BackupToAvi() Remote Overflow

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

7.1AI score

NVD•added 2012/08/14 10:55 p.m.•15 views

CVE-2012-4335

Samsung NET-i viewer 1.37.120316 allows remote attackers to cause a denial of service infinite loop via a negative size value in a TCP request to 1 NiwMasterService or 2 NiwStorageService. NOTE: some of these details are obtained from third party information...

7.8CVSS6.7AI score0.03482EPSS

NVD•added 2012/08/14 10:55 p.m.•14 views

CVE-2012-4334

The ConnectDDNS method in the 1 STWConfigNVR 1.1.13.15 and 2 STWConfig 1.1.14.13 ActiveX controls in Samsung NET-i viewer 1.37.120316 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information...

10CVSS7.7AI score0.06754EPSS

Prion•added 2012/08/14 10:55 p.m.•11 views

Information disclosure

7.8CVSS7.1AI score0.03482EPSS

Prion•added 2012/08/14 10:55 p.m.•16 views

Information disclosure

10CVSS8.3AI score0.06754EPSS

Prion•added 2012/08/14 10:55 p.m.•17 views

Stack overflow

Multiple stack-based buffer overflows in the BackupToAvi method in the 1 UMSCtrl 1.5.1.1 and 2 UMSCtrlSTW 2.0.1.0 ActiveX controls in Samsung NET-i viewer 1.37.120316 allow remote attackers to execute arbitrary code via a long string in the fname parameter. NOTE: some of these details are obtaine...

10CVSS8.3AI score0.60447EPSS

Exploits2References4Affected Software1

Cvelist•added 2012/08/14 10:0 p.m.•22 views

CVE-2012-4334

7.7AI score0.06754EPSS

Cvelist•added 2012/08/14 10:0 p.m.•23 views

CVE-2012-4335

6.7AI score0.03482EPSS

CVE•added 2012/08/14 10:0 p.m.•44 views

CVE-2012-4335

CVE-2012-4335 affects Samsung NET-i viewer 1.37.120316. A flaw in TCP handling allows remote attackers to trigger a denial of service (infinite loop) by sending a negative size value to NiwMasterService or NiwStorageService. Root cause is malformed input in TCP requests that produce looping behav...

7.8CVSS6.9AI score0.03482EPSS

CVE•added 2012/08/14 10:0 p.m.•43 views

CVE-2012-4334

The CVE-2012-4334 issue affects Samsung NET-i Viewer 1.37.120316, specifically the ConnectDDNS method in the STWConfigNVR 1.1.13.15 and STWConfig 1.1.14.13 ActiveX controls. A remote attacker can trigger arbitrary code execution via unspecified vectors. Details are drawn from multiple sources; th...

10CVSS8AI score0.06754EPSS

CVE•added 2012/08/14 10:0 p.m.•53 views

CVE-2012-4333

Summary (CVE-2012-4333) : Multiple stack-based buffer overflows in the BackupToAvi method of Samsung NET-i viewer’s ActiveX controls (CNC_Ctrl) and related UMS_Ctrl components allow remote code execution via a long fname string. Affected products include Samsung NET-i viewer 1.37.120316 and the C...

10CVSS8AI score0.60447EPSS

Exploits2References4Affected Software1

NVD•added 2012/08/13 6:55 p.m.•12 views

CVE-2012-4250

Stack-based buffer overflow in the RequestScreenOptimization function in the XProcessControl.ocx ActiveX control in msls31.dll in Samsung NET-i viewer 1.37 allows remote attackers to execute arbitrary code via a long string in the first argument...

9.3CVSS8AI score0.06239EPSS

Exploits1References3

Prion•added 2012/08/13 6:55 p.m.•13 views

Stack overflow

9.3CVSS8.7AI score0.06239EPSS

Exploits1References3Affected Software1

Cvelist•added 2012/08/13 6:0 p.m.•20 views

CVE-2012-4250

8AI score0.06239EPSS

Exploits1References3

CVE•added 2012/08/13 6:0 p.m.•48 views

CVE-2012-4250

CVE-2012-4250 affects Samsung NET-i viewer 1.37 via the XProcessControl.ocx ActiveX control (msls31.dll). A stack-based buffer overflow in RequestScreenOptimization allows remote attackers to run arbitrary code by supplying a long string as the first argument. The NVD entry confirms a high-severi...

9.3CVSS8.3AI score0.06239EPSS

Exploits1References3Affected Software1

Exploit DB•added 2012/06/08 12:0 a.m.•28 views

Samsung NET-i viewer - Multiple ActiveX 'BackupToAvi()' Remote Overflows (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Samsung NET-i...

7.4AI score

Metasploit•added 2012/06/07 10:47 a.m.•20 views

Samsung NET-i Viewer Multiple ActiveX BackupToAvi() Remote Overflow

This module exploits a vulnerability in the CNCCtrl.dll ActiveX control installed with the Samsung NET-i viewer 1.37. Specifically, when supplying a long string for the fname parameter to the BackupToAvi method, an integer overflow occurs, which leads to a posterior buffer overflow due to the use...

10CVSS0.5AI score0.60447EPSS

Exploits2

Packet Storm•added 2012/06/07 12:0 a.m.•35 views

Samsung NET-i viewer Multiple ActiveX BackupToAvi() Remote Overflow

1AI score

0day.today•added 2012/06/07 12:0 a.m.•20 views

Samsung NET-i viewer Multiple ActiveX BackupToAvi() Remote Overflow

Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

7.1AI score