Stack-based Buffer Overflow in Samsung NET-i Viewer ActiveX Control
CVE-2012-4250

Currently unrated

Key Information:

Vendor: Samsung
Status: Net-i Viewer
Vendor: CVE Published:; 13 August 2012

Summary

The vulnerability involves a stack-based buffer overflow in the RequestScreenOptimization function of the XProcessControl.ocx ActiveX control, found in msls31.dll within the Samsung NET-i Viewer version 1.37. Attackers can exploit this flaw by sending a deliberately long string in the first argument of the function, potentially allowing them to execute arbitrary code on the affected system. Proper security measures and patches are essential to mitigate this risk.

References

http://www.securityfocus.com/bid/53317

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/75310

vdb-entryx_refsource_XF

http://www.exploit-db.com/exploits/18808

exploitx_refsource_EXPLOIT-DB

EPSS Score

39% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 13, 2012
Vulnerability Reserved
Aug 13, 2012