3 matches found
CVE-2015-0555
Samsung iPOLiS Device Manager 1.12.2 contains a buffer overflow in the XnsSdkDeviceIpInstaller.ocx ActiveX control. The vulnerability affects the ReadConfigValue and WriteConfigValue methods, allowing remote code execution via a long string passed as the first argument. The issue is documented ac...
CVE-2014-3911
CVE-2014-3911 affects Samsung iPOLiS Device Manager prior to 1.8.7. The issue is a remote code execution vulnerability in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control; providing malicious values to methods such as Start, ChangeControlLocalName, DeleteDeviceProfile, FrameAdvan...
CVE-2014-3912
CVE-2014-3912 is a stack-based buffer overflow in the Samsung iPOLiS Device Manager’s ActiveX control XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1. The FindConfigChildeKeyList() method can be overflowed by a sufficiently long value, enabling remote code execution. Affected product: Samsung iPOLi...