CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-3912

Stack-based buffer overflow in the FindConfigChildeKeyList method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control in Samsung iPOLiS Device Manager before 1.8.7 allows remote attackers to execute arbitrary code via a long value.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.123

EPSS Ranking 93.6%

CVSS Severity

CVSS v2 Score 9.3

References

http://www.securityfocus.com/bid/67823
http://www.zerodayinitiative.com/advisories/ZDI-14-169
http://www.securityfocus.com/bid/67823
http://www.zerodayinitiative.com/advisories/ZDI-14-169

Products affected by CVE-2014-3912

Samsung » Ipolis Device Manager » Version: 1.8.2

cpe:2.3:a:samsung:ipolis_device_manager:1.8.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-3912

Products

Pricing

Contact Us