Samsung SmartViewer CNC_Ctrl ActiveX Control Buffer Overflow (CVE-2014-9265; CVE-2012-4333)

A stack buffer overflow vulnerability exists in Samsung SmartViewer. The vulnerability is due to improper validation of a parameter provided to the BackupToAvi method of the CNC_Ctrl ActiveX Control. A remote, unauthenticated attacker can exploit this vulnerability by enticing the target user to visit a malicious web page.

Leave a Reply