Samsung iPolis XnsSdkDeviceIpInstaller.ocx ActiveX Remote Code Execution Vulnerabilities

February 21, 2015 007admin Leave a comment

Posted by Praveen D on Feb 21

CVE-2015-0555

Introduction
*************************************************************

There is a Buffer Overflow Vulnerability which leads to Remote Code
Execution.
Vulnerability is due to input validation to the API ReadConfigValue and
WriteConfigValue API’s in XnsSdkDeviceIpInstaller.ocx

This is different from CVE-2014-3911 as the version of iPolis 1.12.2
(latest as of 12/12/2014).
CVE-2014-3911 is related to different ActiveX and on…

007 Software

Samsung iPolis XnsSdkDeviceIpInstaller.ocx ActiveX Remote Code Execution Vulnerabilities

Leave a Reply Cancel reply

Software and Security Information