CVE-2014-9266

The STWConfig ActiveX control in Samsung SmartViewer does not properly initialize a variable, which allows remote attackers to execute arbitrary code via unspecified vectors...

Code injection

The STWConfig ActiveX control in Samsung SmartViewer does not properly initialize a variable, which allows remote attackers to execute arbitrary code via unspecified vectors...

CVE-2014-9266

Summary of CVE-2014-9266 (Samsung SmartViewer): The STWConfig ActiveX control in Samsung SmartViewer contains a flaw where a variable is not initialized before use, enabling remote code execution. According to ZDI-14-400, exploitation requires user interaction (target visits a malicious page or o...

Samsung SmartViewer STWConfig ActiveX Control Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung SmartViewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the STWConfi...

CVE-2012-4334

The CVE-2012-4334 issue affects Samsung NET-i Viewer 1.37.120316, specifically the ConnectDDNS method in the STWConfigNVR 1.1.13.15 and STWConfig 1.1.14.13 ActiveX controls. A remote attacker can trigger arbitrary code execution via unspecified vectors. Details are drawn from multiple sources; th...