Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4333

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2012-4333
Last Modified 15 Aug 2012 04:31:45
Published 14 Aug 2012 06:55:02
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-4333

Summary

Multiple stack-based buffer overflows in the BackupToAvi method in the (1) UMS_Ctrl 1.5.1.1 and (2) UMS_Ctrl_STW 2.0.1.0 ActiveX controls in Samsung NET-i viewer 1.37.120316 allow remote attackers to execute arbitrary code via a long string in the fname parameter. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Samsung Net-i Viewer 1.37.120316


References

XF - netiware-activex-control-bo(75070)

BID - 53193

EXPLOIT-DB - 18765

SECUNIA - 48966


Last Updated: 27 May 2016 10:42:32