CVE-2014-3912

Currently unrated

Key Information:

Vendor: Samsung
Status: Ipolis Device Manager
Vendor: CVE Published:; 5 June 2014

Summary

Stack-based buffer overflow in the FindConfigChildeKeyList method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control in Samsung iPOLiS Device Manager before 1.8.7 allows remote attackers to execute arbitrary code via a long value.

References

http://www.zerodayinitiative.com/advisories/ZDI-14-169

x_refsource_MISC

http://www.securityfocus.com/bid/67823

vdb-entryx_refsource_BID

EPSS Score

19% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 5, 2014
Vulnerability Reserved
May 29, 2014