39 matches found
ZIB - The Open Tor Botnet
General information and instructions. The Open Tor Botnet requires the installation and configuration of bitcoind, however I neglect to detail this here out of a lack of time. This bot-net is fully undetectable and bypasses all antivirus through running on top of Python27's pyinstaller, which is...
(0Day) Samsung SmartViewer STWAxConfig DVRSetupSave Untrusted Pointer Dereference Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung SmartViewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
(0Day) Samsung SmartViewer STWAxConfigNVR SendCustomPacket Untrusted Pointer Dereference Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung SmartViewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
(0Day) Samsung SmartViewer CNC_Ctrl ActiveX Control rtsp_getdlsendtime Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung SmartViewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling...
Samsung SmartViewer BackupToAvi 3.0 - Remote Code Execution Exploit
Exploit for windows platform in category remote exploits var payloadlength = 15000; var arg1=1; var arg2=1; var arg3=1; //blank strings var junk = ""; var buf1 = ""; var buf2 = ""; //offset to SE is 156, initial analysis using metasploit cyclic pattern for i=0; i 0day.today 2018-02-27...
Samsung SmartViewer BackupToAvi 3.0 - Remote Code Execution
Samsung SmartViewer BackupToAvi 3.0 - Remote Code Execution var payloadlength = 15000; var arg1=1; var arg2=1; var arg3=1; //blank strings var junk = ""; var buf1 = ""; var buf2 = ""; //offset to SE is 156, initial analysis using metasploit cyclic pattern for i=0; i...
Samsung SmartViewer CNC_Ctrl ActiveX Control Buffer Overflow (CVE-2012-4333; CVE-2014-9265)
A stack buffer overflow vulnerability exists in Samsung SmartViewer. The vulnerability is due to improper validation of a parameter provided to the BackupToAvi method of the CNCCtrl ActiveX Control. A remote, unauthenticated attacker can exploit this vulnerability by enticing the target user to...
Samsung SmartViewer BackupToAvi 3.0 Remote Code Execution
var payloadlength = 15000; var arg1=1; var arg2=1; var arg3=1; //blank strings var junk = ""; var buf1 = ""; var buf2 = ""; //offset to SE is 156, initial analysis using metasploit cyclic pattern for i=0; i...
Samsung SmartViewer BackupToAvi 3.0 - Remote Code Execution
var payloadlength = 15000; var arg1=1; var arg2=1; var arg3=1; //blank strings var junk = ""; var buf1 = ""; var buf2 = ""; //offset to SE is 156, initial analysis using metasploit cyclic pattern for i=0; i...
CVE-2014-9266
The STWConfig ActiveX control in Samsung SmartViewer does not properly initialize a variable, which allows remote attackers to execute arbitrary code via unspecified vectors...
CVE-2014-9265
Stack-based buffer overflow in the BackupToAvi method in the CNCCtrl ActiveX control in Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors...
Code injection
The STWConfig ActiveX control in Samsung SmartViewer does not properly initialize a variable, which allows remote attackers to execute arbitrary code via unspecified vectors...
Stack overflow
Stack-based buffer overflow in the BackupToAvi method in the CNCCtrl ActiveX control in Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors...
CVE-2014-9266
Summary of CVE-2014-9266 (Samsung SmartViewer): The STWConfig ActiveX control in Samsung SmartViewer contains a flaw where a variable is not initialized before use, enabling remote code execution. According to ZDI-14-400, exploitation requires user interaction (target visits a malicious page or o...
CVE-2014-9265
Stack-based buffer overflow in the BackupToAvi method in the CNCCtrl ActiveX control in Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors...
CVE-2014-9265
CVE-2014-9265: A stack-based buffer overflow in the BackupToAvi method of Samsung SmartViewer’s CNC_Ctrl ActiveX Control allows remote code execution. The root cause is improper validation of the input buffer size before copying into a fixed-size stack buffer. Exploitation typically requires user...
CVE-2014-9266
The STWConfig ActiveX control in Samsung SmartViewer does not properly initialize a variable, which allows remote attackers to execute arbitrary code via unspecified vectors...
Samsung SmartViewer STWConfig ActiveX Control Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung SmartViewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the STWConfi...
Samsung SmartViewer CNC_Ctrl ActiveX Control BackupToAvi Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung SmartViewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling...