Samsung NET-i Viewer 'msls31.dll' ActiveX Buffer Overflow Vulnerability
BID:53317
Info
Samsung NET-i Viewer 'msls31.dll' ActiveX Buffer Overflow Vulnerability
| Bugtraq ID: | 53317 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2012-4250 |
| Remote: | Yes |
| Local: | No |
| Published: | May 01 2012 12:00AM |
| Updated: | Aug 16 2012 01:20PM |
| Credit: | Blake |
| Vulnerable: |
Samsung NET-i viewer 1.37 |
| Not Vulnerable: | |
Discussion
Samsung NET-i Viewer 'msls31.dll' ActiveX Buffer Overflow Vulnerability
Samsung NET-i Viewer is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input.
Attackers may exploit this issue to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions.
Samsung NET-i Viewer is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input.
Attackers may exploit this issue to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions.
Exploit / POC
Samsung NET-i Viewer 'msls31.dll' ActiveX Buffer Overflow Vulnerability
The following exploit is available:
The following exploit is available:
Solution / Fix
Samsung NET-i Viewer 'msls31.dll' ActiveX Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Samsung NET-i Viewer 'msls31.dll' ActiveX Buffer Overflow Vulnerability
References:
References:
- Samsung NET-i viewer (Samsung)