CVE-2014-3911
CVE-2014-3911
Samsung iPOLiS Device Manager before 1.8.7 allow remote attackers to execute arbitrary code via unspecified values to the (1) Start, (2) ChangeControlLocalName, (3) DeleteDeviceProfile, (4) FrameAdvanceReader, or other unknown method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control.
Productos afectados
n/a · n/a¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://update.websamsung.net/Tools/iPOLiS%20Device%20Manager/iPOLiS%20Device%20Manager_v1.8.7_setup_Full.ziphttp://www.securityfocus.com/bid/67822http://www.zerodayinitiative.com/advisories/ZDI-14-167/http://www.zerodayinitiative.com/advisories/ZDI-14-168/http://www.zerodayinitiative.com/advisories/ZDI-14-170/http://www.zerodayinitiative.com/advisories/ZDI-14-171/http://www.zerodayinitiative.com/advisories/ZDI-14-172/