CVE-2012-4333

Currently unrated

Key Information:

Vendor: Samsung
Status: Net-i Viewer
Vendor: CVE Published:; 14 August 2012

Summary

Multiple stack-based buffer overflows in the BackupToAvi method in the (1) UMS_Ctrl 1.5.1.1 and (2) UMS_Ctrl_STW 2.0.1.0 ActiveX controls in Samsung NET-i viewer 1.37.120316 allow remote attackers to execute arbitrary code via a long string in the fname parameter. NOTE: some of these details are obtained from third party information.

References

http://www.exploit-db.com/exploits/18765

exploitx_refsource_EXPLOIT-DB

http://www.securityfocus.com/bid/53193

vdb-entryx_refsource_BID

http://secunia.com/advisories/48966

third-party-advisoryx_refsource_SECUNIA

EPSS Score

87% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 14, 2012
Vulnerability Reserved
Aug 14, 2012