← back
CVE-2014-3911

CVE-2014-3911

EPSS 5.6%
Samsung iPOLiS Device Manager before 1.8.7 allow remote attackers to execute arbitrary code via unspecified values to the (1) Start, (2) ChangeControlLocalName, (3) DeleteDeviceProfile, (4) FrameAdvanceReader, or other unknown method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://update.websamsung.net/Tools/iPOLiS%20Device%20Manager/iPOLiS%20Device%20Manager_v1.8.7_setup_Full.ziphttp://www.securityfocus.com/bid/67822http://www.zerodayinitiative.com/advisories/ZDI-14-167/http://www.zerodayinitiative.com/advisories/ZDI-14-168/http://www.zerodayinitiative.com/advisories/ZDI-14-170/http://www.zerodayinitiative.com/advisories/ZDI-14-171/http://www.zerodayinitiative.com/advisories/ZDI-14-172/