CVE-2014-3912

CWE-119Buffer Overflow3 documents3 sources
Severity
9.3CRITICAL
EPSS
12.3%
top 6.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Samsung Ipolis Device Manager
Timeline
PublishedJun 5
Latest updateMay 17

Description

Stack-based buffer overflow in the FindConfigChildeKeyList method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control in Samsung iPOLiS Device Manager before 1.8.7 allows remote attackers to execute arbitrary code via a long value.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

Patches

Patch: www.zerodayinitiative.comPatch: www.zerodayinitiative.com

🔴Vulnerability Details

2
GHSA
GHSA-9f3p-cpj2-496g: Stack-based buffer overflow in the FindConfigChildeKeyList method in the XNSSDKDEVICE2022-05-17
CVEList
CVE-2014-3912: Stack-based buffer overflow in the FindConfigChildeKeyList method in the XNSSDKDEVICE2014-06-05
CVE-2014-3912 (CRITICAL CVSS 9.3) | Stack-based buffer overflow in the | cvebase.io