CVE-2015-8039

Currently unrated

Key Information:

Vendor: Samsung
Status: Smartviewer
Vendor: CVE Published:; 2 November 2015

Summary

Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors to the (1) DVRSetupSave method in the STWAxConfig control or (2) SendCustomPacket method in the STWAxConfigNVR control, which trigger an untrusted pointer dereference.

References

http://www.securityfocus.com/bid/77079

vdb-entryx_refsource_BID

http://www.zerodayinitiative.com/advisories/ZDI-15-463

x_refsource_MISC

http://www.zerodayinitiative.com/advisories/ZDI-15-462

x_refsource_MISC

EPSS Score

92% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 2, 2015
Vulnerability Reserved
Nov 2, 2015