Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-6429

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2012-6429
Last Modified 04 Apr 2014 11:44:38
Published 04 Apr 2014 10:55:07
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-6429

Summary

Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.12123_2_7 allows remote attackers to execute arbitrary code via a long string to the password argument.

Vulnerable Systems

Application

  • Samsung Kies 2.5.0.12114 1


References

MISC - https://www.htbridge.com/advisory/HTB23136

XF - kies-activex-control-bo(81160)

BID - 57249

MISC - http://packetstormsecurity.com/files/119423/Samsung-Kies-2.5.0.12114_1-Buffer-Overflow.html

OSVDB - 89118

BUGTRAQ - 20130109 Remote Buffer Overflow Vulnerability in Samsung Kies


Last Updated: 27 May 2016 11:04:51