39 matches found
EUVD-2015-7933
Malware in sbrugna...
EUVD-2014-9090
Malware in sbrugna...
EUVD-2015-7932
Malware in sbrugna...
EUVD-2014-9091
Malware in sbrugna...
Samsung SmartViewer STWAxConfigNVR Memory Corruption (CVE-2015-8039)
A memory corruption vulnerability exists in Samsung SmartViewer. The vulnerability is due to untrusted pointer dereference. A remote attacker may exploit this vulnerability by enticing a victim to visit a maliciously crafted page...
Samsung SmartViewer STWAxConfig Memory Corruption (CVE-2015-8039)
A memory corruption vulnerability exists in Samsung SmartViewer. The vulnerability is due to untrusted pointer dereference. A remote attacker may exploit this vulnerability by enticing a victim to visit a maliciously crafted page...
Samsung SmartViewer CNC_Ctrl ActiveX Control Out of Bounds Indexing (CVE-2015-8040)
A remote code execution vulnerability exists in Samsung SmartViewer. The vulnerability is due to improper validation of the index parameter provided to the rtspgetdlsendtime method of the CNCCtrl ActiveX Control. A remote, unauthenticated attacker can exploit this vulnerability by enticing the...
Samsung SmartViewer Arbitrary Code Execution Vulnerability (CNVD-2015-07353)
Samsung SmartViewer is a hard disk recorder DVR monitoring software from Samsung. An arbitrary code execution vulnerability exists in Samsung SmartViewer. It allows remote attackers to execute arbitrary code via indexed values...
Samsung SmartViewer Arbitrary Code Execution Vulnerability (CNVD-2015-07352)
Samsung SmartViewer is a hard disk recorder DVR monitoring software from Samsung. An arbitrary code execution vulnerability exists in Samsung SmartViewer. It allows remote attackers to execute arbitrary code by triggering an untrusted pointer reference in the DVRSetupSave method of the STWAxConfi...
CVE-2015-8040
The rtspgetdlsendtime method in the CNCCtrl control in Samsung SmartViewer allows remote attackers to execute arbitrary code via an index value...
CVE-2015-8039
Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors to the 1 DVRSetupSave method in the STWAxConfig control or 2 SendCustomPacket method in the STWAxConfigNVR control, which trigger an untrusted pointer dereference...
Null pointer dereference
Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors to the 1 DVRSetupSave method in the STWAxConfig control or 2 SendCustomPacket method in the STWAxConfigNVR control, which trigger an untrusted pointer dereference...
Design/Logic Flaw
The rtspgetdlsendtime method in the CNCCtrl control in Samsung SmartViewer allows remote attackers to execute arbitrary code via an index value...
CVE-2015-8039
Samsung SmartViewer is affected by CVE-2015-8039 via untrusted pointer dereference in two components: the DVRSetupSave method of STWAxConfig and the SendCustomPacket method of STWAxConfigNVR. Connected advisories (ZDI-15-462, ZDI-15-463) describe remote code execution with attacker-supplied memor...
CVE-2015-8040
The CVE-2015-8040 issue affects Samsung SmartViewer’s CNC_Ctrl ActiveX control, specifically the rtsp_getdlsendtime method. The root cause is improper validation of a user-supplied index value, enabling a remote attacker to execute arbitrary code. Exploitation would occur when a target user visit...
CVE-2015-8040
The rtspgetdlsendtime method in the CNCCtrl control in Samsung SmartViewer allows remote attackers to execute arbitrary code via an index value...
CVE-2015-8039
Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors to the 1 DVRSetupSave method in the STWAxConfig control or 2 SendCustomPacket method in the STWAxConfigNVR control, which trigger an untrusted pointer dereference...
Samsung SmartViewer 'SendCustomPacket' Method Remote Code Execution Vulnerability
Samsung SmartViewer is a suite of video viewing software designed for video surveillance systems. A security vulnerability exists in the handling of the Samsung SmartViewer 'SendCustomPacket' method, which allows remote attackers to exploit the vulnerability to conduct a denial-of-service attack...
Samsung SmartViewer Remote Code Execution Vulnerability
Samsung SmartViewer is a suite of video viewing software designed for video surveillance systems. The software supports viewing live video over the Internet, as well as searching for video from cameras connected through a Samsung DVR or NVR. A remote code execution vulnerability exists in Samsung...
Samsung SmartViewer 'DVRSetupSave' Method Remote Code Execution Vulnerability
Samsung SmartViewer is a suite of video viewing software designed for video surveillance systems. An unspecified security vulnerability exists in Samsung SmartViewer that could be exploited by remote attackers to conduct a denial-of-service attack and crash the application...