Stack-based Buffer Overflow in Samsung SmartViewer ActiveX Control
CVE-2014-9265

Currently unrated

Key Information:

Vendor: Samsung
Status: Smartviewer
Vendor: CVE Published:; 8 December 2014

Summary

The BackupToAvi method in the CNC_Ctrl ActiveX control of Samsung SmartViewer is vulnerable to a stack-based buffer overflow. This flaw allows remote attackers to potentially execute arbitrary code on systems utilizing affected versions of the software. It is crucial for users to apply available security updates and follow best practices for ActiveX controls to mitigate the risk of exploitation. For additional details, refer to the advisories from reputable sources.

References

http://www.securityfocus.com/bid/71486

vdb-entryx_refsource_BID

http://www.zerodayinitiative.com/advisories/ZDI-14-401/

x_refsource_MISC

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 8, 2014
Vulnerability Reserved
Dec 4, 2014