Samsung : Security Vulnerabilities, CVEs, Published In 2014 (Code Execution)

CVE-2014-9266

The STWConfig ActiveX control in Samsung SmartViewer does not properly initialize a variable, which allows remote attackers to execute arbitrary code via unspecified vectors.
Max CVSS
6.8
EPSS Score
46.84%
Published
2014-12-08
Updated
2014-12-23

CVE-2014-9265

Stack-based buffer overflow in the BackupToAvi method in the CNC_Ctrl ActiveX control in Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors.
Max CVSS
6.8
EPSS Score
59.77%
Published
2014-12-08
Updated
2014-12-09

CVE-2014-3912

Stack-based buffer overflow in the FindConfigChildeKeyList method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control in Samsung iPOLiS Device Manager before 1.8.7 allows remote attackers to execute arbitrary code via a long value.
Max CVSS
9.3
EPSS Score
30.47%
Published
2014-06-05
Updated
2014-06-06

CVE-2014-3911

Samsung iPOLiS Device Manager before 1.8.7 allow remote attackers to execute arbitrary code via unspecified values to the (1) Start, (2) ChangeControlLocalName, (3) DeleteDeviceProfile, (4) FrameAdvanceReader, or other unknown method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control.
Max CVSS
9.3
EPSS Score
13.36%
Published
2014-06-11
Updated
2014-06-12

CVE-2012-6429

Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.12123_2_7 allows remote attackers to execute arbitrary code via a long string to the password argument.
Max CVSS
10.0
EPSS Score
45.45%
Published
2014-04-04
Updated
2017-08-29
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close