Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2990

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2012-2990
Last Modified 29 Aug 2012 12:00:00
Published 24 Aug 2012 04:55:02
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-2990

Summary

The MASetupCaller ActiveX control before 1.4.2012.508 in MASetupCaller.dll in MarkAny ContentSAFER, as distributed in Samsung KIES before 2.3.2.12074_13_13, does not properly implement unspecified methods, which allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a crafted HTML document.

Vulnerable Systems

Application

  • Samsung Kies 2.3.2.12074


References

CERT-VN - VU#663809

MISC - http://www.krcert.or.kr/kor/data/secNoticeView.jsp?p_bulletin_writing_sequence=931


Last Updated: 27 May 2016 11:00:19