Buffer Overflow Vulnerability in Samsung Kies ActiveX Control
CVE-2012-6429

Currently unrated

Key Information:

Vendor: Samsung
Status: Kies
Vendor: CVE Published:; 4 April 2014

Summary

A vulnerability exists in the SyncService.dll ActiveX control in Samsung Kies prior to version 2.5.1.12123_2_7, which can be exploited by remote attackers. By sending a specially crafted long string to the password argument in the PrepareSync method, an attacker can potentially execute arbitrary code on the affected system. This flaw underscores the importance of keeping software up to date to mitigate security risks.

References

https://www.htbridge.com/advisory/HTB23136

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/81160

vdb-entryx_refsource_XF

http://archives.neohapsis.com/archives/bugtraq/2013-01/00...

mailing-listx_refsource_BUGTRAQ

EPSS Score

56% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 4, 2014
Vulnerability Reserved
Dec 19, 2012