Lucene search
K

11 matches found

CVE
CVE
added 2020/01/09 9:54 p.m.98 views

CVE-2012-3809

Samsung Kies before 2.5.0.12094_27_11 is affected by multiple vulnerabilities linked to its ActiveX and firmware update components. CVE-2012-3809 (Arbitrary Directory Modification) arises from a flaw in CmdAgentLib within CmdAgent.dll (Samsung Kies External\FirmwareUpdate) that allows modificatio...

7.5CVSS8.5AI score0.04989EPSS
CVE
CVE
added 2020/01/09 9:34 p.m.96 views

CVE-2012-3806

CVE-2012-3806 concerns Samsung Kies prior to 2.5.0.12094_27_11, with a NULL pointer dereference vulnerability that could allow remote attackers to cause a denial of service. The vulnerability is associated with the Samsung Kies ActiveX components as well as the desktop client’s handling of certai...

7.5CVSS8.3AI score0.03652EPSS
CVE
CVE
added 2020/01/09 9:48 p.m.87 views

CVE-2012-3807

Samsung Kies before 2.5.0.12094_27_11 is affected by CVE-2012-3807 (and related CVEs) with arbitrary file execution via vulnerable components (notably ActiveX controls and related DLLs). Public sources indicate multiple vulnerabilities in Samsung Kies ActiveX/DCAPARAGONGM.dll and CmdAgent.dll, en...

9.8CVSS9.5AI score0.31563EPSS
CVE
CVE
added 2020/01/09 9:51 p.m.86 views

CVE-2012-3808

CVE-2012-3808 concerns Samsung Kies. The connected docs confirm a vulnerability class of Arbitrary File Modification in Kies versions prior to 2.5.0.12094_27_11, caused by insecure operations in the CmdAgentLib/CmdAgent dlls (ICommandAgent interface) used by Kies’ firmware update component. The a...

7.5CVSS8.6AI score0.04989EPSS
CVE
CVE
added 2020/01/09 9:56 p.m.82 views

CVE-2012-3810

CVE-2012-3810 pertains to Samsung Kies before 2.5.0.12094_27_11, with multiple vulnerabilities arising from the CmdAgentLib and related ActiveX components. The attached documents describe: (1) CVE-2012-3810 — Arbitrary Registry Modification via CmdAgentLib, enabling manipulation of registry keys/...

7.5CVSS8.5AI score0.04989EPSS
CVE
CVE
added 2022/06/07 6:19 p.m.80 views

CVE-2022-30744

CVE-2022-30744 is a DLL hijacking vulnerability in KiesWrapper of Samsung Kies prior to 2.6.4.22043_1. The issue allows a local attacker to execute arbitrary code by loading a DLL without an absolute path, with impact described as arbitrary code execution and requiring local access. Affected comp...

7.8CVSS7.8AI score0.00234EPSS
CVE
CVE
added 2022/04/11 7:37 p.m.79 views

CVE-2022-27843

The CVE-2022-27843 entry describes a DLL hijacking vulnerability in Samsung Kies prior to version 2.6.4.22014_2, which could allow an attacker to execute arbitrary code. Affected product: Kies (Samsung Kies desktop software); affected component: the DLL handling path resolution leading to hijack....

7.8CVSS7.6AI score0.00228EPSS
CVE
CVE
added 2022/09/09 2:39 p.m.79 views

CVE-2022-39845

CVE-2022-39845 concerns Samsung Kies prior to 2.6.4.22074, where an improper validation of the integrity check enables a local attacker to delete arbitrary directories via a directory junction. The entry is corroborated across multiple sources (NVD entry details, Red Hat advisory, CVE records) in...

7.1CVSS6.8AI score0.00124EPSS
CVE
CVE
added 2012/08/24 8:0 p.m.77 views

CVE-2012-2990

The CVE-2012-2990 entry concerns the MarkAny ContentSAFER MASetupCaller ActiveX control (MASetupCaller.dll) bundled with Samsung KIES. The vulnerability affects versions prior to 1.4.2012.508 and is triggered by certain method calls in the ActiveX, allowing a remote attacker to download and execu...

9.3CVSS7AI score0.03721EPSS
CVE
CVE
added 2014/04/04 2:0 p.m.58 views

CVE-2012-6429

CVE-2012-6429 is a buffer overflow in the PrepareSync() method of the SyncService.dll ActiveX control in Samsung Kies prior to version 2.5.1.12123_2_7 . The vulnerability arises from insufficient input sanitisation, allowing a remote attacker to supply a crafted long value to the password paramet...

10CVSS8.1AI score0.1547EPSS
CVE
CVE
added 2017/04/13 4:0 p.m.51 views

CVE-2015-8780

The CVE-2015-8780 entry concerns Samsung wssyncmlnps before 2015-10-31, where Kies restore contains a directory traversal flaw (ZipFury). The vulnerability exists in Samsung wssyncmlnps Kies restore prior to the given date and could allow an attacker to write arbitrary files. Connected CNVD entry...

6.9CVSS6.4AI score0.00619EPSS