Remote Code Execution Flaw in Samsung SmartViewer
CVE-2015-8040

Currently unrated

Key Information:

Vendor: Samsung
Status: Smartviewer
Vendor: CVE Published:; 2 November 2015

Summary

The rtsp_getdlsendtime method in the CNC_Ctrl control of Samsung SmartViewer exposes a significant security risk, allowing remote attackers to execute arbitrary code through a manipulated index value. This vulnerability underscores the importance of safeguarding software environments against unauthorized access and the execution of unverified code, particularly in security-sensitive applications.

References

http://www.securityfocus.com/bid/77084

vdb-entryx_refsource_BID

http://www.zerodayinitiative.com/advisories/ZDI-15-464

x_refsource_MISC

Timeline

Vulnerability published
Nov 2, 2015
Vulnerability Reserved
Nov 2, 2015